Fwd: what is operator group for?
Chris Whitehouse
chris at childeric.freeserve.co.uk
Wed Jan 3 15:51:39 PST 2007
Jeff Rollin wrote:
> ---------- Forwarded message ----------
> From: Jeff Rollin <jeff.rollin at gmail.com>
> Date: 31-Dec-2006 19:43
> Subject: Re: what is operator group for?
> To: Chris Whitehouse <chris at childeric.freeserve.co.uk>
>
>
>
> On 31/12/06, Chris Whitehouse <chris at childeric.freeserve.co.uk> wrote:
>>
>> Hi all
>>
>> I sent this once already but didn't see it come back, sorry if it has
>> appeared twice.
>
>
> AFAIK it has only come up once, so that's OK.
>
> can anyone tell me what the operator group is for, or docs where I can
>> read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both
>> executable by members and various things in /dev/ are mountable by them.
>
>
> Originally things were set up that way so that people in the "operator"
> group could mount disks and tapes, shut the machine off, etc. root would do
> the system administration itself (removing rootkits, etc.)
>
> Well, when I say "originally" I mean "when the operator group was added to
> the system". I don't think it existed in early versions of UNIX.
>
> Jeff
>
>
Sorry for all the random appearances of this post, I posted once and it
didn't appear, so I posted again a couple of days later, then my posts
plus replies plus an offline reply and so recursively came at various times.
Summary of replies in case anyone else is looking:
perryh at pluto.rain.com
My understanding is that group "operator" is intended for those who
deal with devices, e.g. running backups and monitoring printers.
With the usual permission settings, you are also allowing them to read
disks directly (e.g. with dump(8)), and thus to read any file on the
system -- including the system's and other users' private key files.
One alternative is sudo.
gs_stoller at juno.com
> My understanding is that group "operator" is intended for those who
> deal with devices, e.g. running backups and monitoring printers.
The answer above is correct. I found the operator "group" described
in "Essential System Administration" by AEleen Frisch which is
published by O'Reilly & Associates, Inc.
Thanks everybody for answers
Chris
More information about the freebsd-questions
mailing list