[754] in linux-security and linux-alert archive
Re: [linux-security] standard users,groups,perms?
daemon@ATHENA.MIT.EDU (Richard Black)
Thu Jun 6 13:25:07 1996
To: jjr@zilker.net (Jeffrey J. Radice)
cc: linux-security@tarsier.cv.nrao.edu, Richard.Black@cl.cam.ac.uk
In-reply-to: Your message of "Tue, 04 Jun 1996 14:39:23 CDT."
<199606041939.OAA13424@oak.zilker.net>
Date: Thu, 06 Jun 1996 14:05:53 +0100
From: Richard Black <Richard.Black@cl.cam.ac.uk>
At this site we integrate a large number of linux boxes with a large number of
other machines from very many other vendors.
Our experience is that some of the user / group assumptions on linux are
irritating, probably derived from the fact that many of the linux community
appear to manage their machines locally where the user is the administrator
and the machine is isolated. Witnes (for example) the very long time for which
the password entries in /etc/passwd were not encrypted correctly for
alpha_linux (a 64bit problem) and it wasnt noticed!!
One of the irritating assumptions is that group "root" exists. There are too
many packages whose "make install" contains "chown root.root ....". We dont
have a root group, our /etc/group file is common across all our machines.
Another is that roots home directory is not the root of the filesystem. This
is the very first thing we have to fix on any linux installation - its
complete brain damage. If you have automatic systems installing and updating
remotely using rsh etc on many different systems some of which have different
partitioning information and different partitions served r/o from different
places etc, you must be in a position to be able to use rsh and rdist with
root-relative paths.
--
-----
Richard Black (usual disclaimers)
University of Cambridge
Computer Laboratory
Cambridge
United Kingdom