Date: Thu, 1 Nov 2001 14:10:05 +0100 From: "Anthony Atkielski" <anthony@atkielski.com> To: "FreeBSD Questions" <freebsd-questions@freebsd.org> Subject: Re: Tiny starter configuration for FreeBSD Message-ID: <00cf01c162d6$8ada24c0$0a00000a@atkielski.com> References: <00ce01c162d1$054242c0$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ted writes: > Webmin contains it's own security mechanism that is > much more fine grained than the UNIX system permission. Is this a CLI application, or does it need to run under X? My policy in the past on systems with UNIX-like security (or rather lack thereof) has been to set up specific commands for each task that must be carried out as root. Authorized persons can then execute these commands (each of which has its own checks for authorization, or references some common file for such information) to do only what they are supposed to be able to do. Most other people reach this same conclusion independently, and it seems that it is routine on UNIX systems to do things this way. It works well, although it requires a lot of coding and administration for the handful of people who really are authorized to be root. It also has to be audited carefully, so that no command permits doing more than it should, and no Trojan horses slip into the system. For timesharing systems contemporary with UNIX, this sort of arrangement is more the rule than the exception, in fact. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00cf01c162d6$8ada24c0$0a00000a>