Date: Fri, 24 Aug 2012 06:53:59 +0100 From: Steve O'Hara-Smith <steve@sohara.org> To: freebsd-questions@freebsd.org Subject: Re: implications of adding root to a group Message-ID: <20120824065359.82c1dc4b.steve@sohara.org> In-Reply-To: <B8CE39B4-6A1C-42CA-93FB-148CA392B4FA@my.gd> References: <CAK0Kb5FfcKzjOoLLwM%2BTX%2BZ17ZBC-gVSBUtrZNF7Ufpxk1c7FA@mail.gmail.com> <20120823162621.ae92b733.steve@sohara.org> <B8CE39B4-6A1C-42CA-93FB-148CA392B4FA@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 23 Aug 2012 23:07:04 +0200 Damien Fleuriot <ml@my.gd> wrote: > > On 23 Aug 2012, at 17:26, Steve O'Hara-Smith <steve@sohara.org> wrote: > > > On Thu, 23 Aug 2012 07:51:10 -0700 > > Krims G <krimskrims@gmail.com> wrote: > > > >> Hello, I've been looking at the /etc/group and have noticed that some > >> groups have root included in them, for example "operator". Is it not > >> implied that root has access to all things and groups? What is the > >> purpose of adding root to a group? If I add root to some new arbitrary > >> group, what does it result in differently than if I do not add root to > >> that group? > > > > The root user has the ability to ignore file permissions, but not > > the ability to subvert group membership tests in scripts or programs. > > > > -- > > Steve O'Hara-Smith | > > > While I can compute what you wrote, I fail to see the implications. > > Would you kindly explain in layman's terms ? Any script or program that checks group membership before proceeding will execute for root regardless of permissions but won't do anything (except emit a message) unless root is also a member of the required group. -- Steve O'Hara-Smith | Directable Mirror Arrays C:>WIN | A better way to focus the sun The computer obeys and wins. | licences available see You lose and Bill collects. | http://www.sohara.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120824065359.82c1dc4b.steve>