Date: Mon, 01 Jan 2007 17:33:26 +0000 From: Chris Whitehouse <chris@childeric.freeserve.co.uk> To: perryh@pluto.rain.com Cc: questions@freebsd.org Subject: Re: what is operator group for? Message-ID: <459945E6.8010906@childeric.freeserve.co.uk> In-Reply-To: <45983358.Juh4OWC8uNEjIKjw%perryh@pluto.rain.com> References: <4597CCA6.3080404@childeric.freeserve.co.uk> <45983358.Juh4OWC8uNEjIKjw%perryh@pluto.rain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
perryh@pluto.rain.com wrote: > >> I want a regular user to be able to mount removeable media and shutdown >> the computer. If I make them a member of operator group what else am I >> allowing them to do? > > With the usual permission settings, you are also allowing them to read > disks directly (e.g. with dump(8)), and thus to read any file on the > system -- including the system's and other users' private key files. Good point, thanks > > One alternative is sudo. There are some notes somewhere about setting up a group and setting permissions in devfs.conf and devfs.rules which I have been using. I thought maybe using operator would be more convenient. Doing my own setup is fiddly but I know what they are allowed. And sudo for shutting down works fine. Thanks for the reply. Chris > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?459945E6.8010906>