[754] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] standard users,groups,perms?

daemon@ATHENA.MIT.EDU (Richard Black)
Thu Jun 6 13:25:07 1996

To: jjr@zilker.net (Jeffrey J. Radice)
cc: linux-security@tarsier.cv.nrao.edu, Richard.Black@cl.cam.ac.uk
In-reply-to: Your message of "Tue, 04 Jun 1996 14:39:23 CDT."
             <199606041939.OAA13424@oak.zilker.net> 
Date: Thu, 06 Jun 1996 14:05:53 +0100
From: Richard Black <Richard.Black@cl.cam.ac.uk>


At this site we integrate a large number of linux boxes with a large number of 
other machines from very many other vendors.

Our experience is that some of the user / group assumptions on linux are 
irritating, probably derived from the fact that many of the linux community 
appear to manage their machines locally where the user is the administrator 
and the machine is isolated. Witnes (for example) the very long time for which 
the password entries in /etc/passwd were not encrypted correctly for 
alpha_linux (a 64bit problem) and it wasnt noticed!!

One of the irritating assumptions is that group "root" exists. There are too 
many packages whose "make install" contains "chown root.root ....". We dont 
have a root group, our /etc/group file is common across all our machines.

Another is that roots home directory is not the root of the filesystem. This 
is the very first thing we have to fix on any linux installation - its 
complete brain damage. If you have automatic systems installing and updating 
remotely using rsh etc on many different systems some of which have different 
partitioning information and different partitions served r/o from different 
places etc, you must be in a position to be able to use rsh and rdist with 
root-relative paths.

-- 
-----
Richard Black				(usual disclaimers)
University of Cambridge
Computer Laboratory
Cambridge
United Kingdom


home help back first fref pref prev next nref lref last post