implications of adding root to a group
Steve O'Hara-Smith
steve at sohara.org
Fri Aug 24 05:54:03 UTC 2012
On Thu, 23 Aug 2012 23:07:04 +0200
Damien Fleuriot <ml at my.gd> wrote:
>
> On 23 Aug 2012, at 17:26, Steve O'Hara-Smith <steve at sohara.org> wrote:
>
> > On Thu, 23 Aug 2012 07:51:10 -0700
> > Krims G <krimskrims at gmail.com> wrote:
> >
> >> Hello, I've been looking at the /etc/group and have noticed that some
> >> groups have root included in them, for example "operator". Is it not
> >> implied that root has access to all things and groups? What is the
> >> purpose of adding root to a group? If I add root to some new arbitrary
> >> group, what does it result in differently than if I do not add root to
> >> that group?
> >
> > The root user has the ability to ignore file permissions, but not
> > the ability to subvert group membership tests in scripts or programs.
> >
> > --
> > Steve O'Hara-Smith |
>
>
> While I can compute what you wrote, I fail to see the implications.
>
> Would you kindly explain in layman's terms ?
Any script or program that checks group membership before
proceeding will execute for root regardless of permissions but won't do
anything (except emit a message) unless root is also a member of the
required group.
--
Steve O'Hara-Smith | Directable Mirror Arrays
C:>WIN | A better way to focus the sun
The computer obeys and wins. | licences available see
You lose and Bill collects. | http://www.sohara.org/
More information about the freebsd-questions
mailing list