From owner-freebsd-security Fri Jul 12 22:53:11 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA11990 for security-outgoing; Fri, 12 Jul 1996 22:53:11 -0700 (PDT) Received: from post.io.org (post.io.org [198.133.36.6]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA11971 for ; Fri, 12 Jul 1996 22:53:06 -0700 (PDT) Received: from zap.io.org (taob@zap.io.org [198.133.36.81]) by post.io.org (8.7.5/8.7.3) with SMTP id BAA08953; Sat, 13 Jul 1996 01:51:21 -0400 (EDT) Date: Sat, 13 Jul 1996 01:51:20 -0400 (EDT) From: Brian Tao To: Nathan Lawson cc: freebsd-security@FreeBSD.ORG Subject: Re: sudo In-Reply-To: <199607100542.WAA06366@kdat.calpoly.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 9 Jul 1996, Nathan Lawson wrote: > > Second, something you said bothers me. They want to do root stuff > even though you are paid to do that. They want the ability because some things that only a short time to do (adding a new user, or restarting a Web server) end up taking a day or more because I can't get around to it right away. I suppose for many tasks, a small, inflexible setuid binary will do the trick, or adding group write permissions to config files and the like. > Are you and they willing to accept the fact that it might take you > extra time and/or money to clean up after them? It'll be my time, but the customer's money. ;-) Anything they screw up that requires extra work on our part (not included in the contract or by prior agreement) is charged at some exorbitant rate. I'm just weighing some alternatives to expedite the day-to-day tasks performed by the superuser. -- Brian Tao (BT300, taob@io.org, taob@ican.net) Senior Systems and Network Administrator, Internet Canada Corp. "Though this be madness, yet there is method in't"