Re: Use SilverKeeper until time machine ships

In article <tomstiller-61D21B.13294212082006@xxxxxxxxxxxxxxxxxxxxxxxx>,
Tom Stiller <tomstiller@xxxxxxxxxxx> wrote:

Making it easy for the "average user" to make modifications is not the
same thing as making he "average user" understand the consequences of
those modifications.

Right.

In my opinion, such system information should stay right where it is.
Knowledgeable unix administrators will know if and how it should be
modified.

System level functions that need to be user modifiable can be
manipulated as they are now, with specialized GUI interfaces and it
doesn't matter where the actual data is stored.

The idea is that some tasks should be done by a more restricted 'admin'
account, or more restriced 'admin' permissions. It could be done via GUI
or from the console - it hard to prevent the latter on a UNIX system
anyway. The 'root' permissions should only be needed when the core UNIX
installation needs to be altered, like an update. So, in this models, some
Mac OS X updates may require a special 'root' permissions password to be
used. But normal Application installations should only need 'admin'
permissions. This way, one might make it difficult for viruses to install
root kits etc. But also, the typical newbie wanting to do UNIX installs
should be prevented from dong installs in /usr/bin/, but instead doing it
in selected places like /usr/local/. Only if one really knows what one is
doing, and is explicitly selecting full 'root' permissions should one be
able to alter places like /usr/bin/.

It is just an idea. It is complicated to work this permissions stuff out
in practice. But from some of the posts in this newsgroup, it seems that
the average family are moving towards doing at least some
UNIX administration at some times. Then it is dangerous to have full
'root' permissions in hand, as it is so easy to corrupt the UNIX
installation itself.

--
Hans Aberg
.

Relevant Pages

  • Re: MISSING PAGEFILE.SYS FILE
    ... "George Hester" wrote: ... Not a folder on C drive called root. ... There is no need to have a seperate permissions set for the System account ... Am beginning to wonder if I have a partial SP-2 installation problem. ...
    (microsoft.public.windowsxp.general)
  • Re: WinPE - what happens to filesystem in these scenarios
    ... Yes the root of the drive will have permissions on it after the ... installation, as part of the OS installation permissions will be set on the ... Yes you should be able to install Windows 2000 Server, Windows Server 2003 ...
    (microsoft.public.windows.server.setup)
  • Re: SFU3.5 and getting permissions to work
    ... You associate a Windows user with a Unix user (eg root). ... Whenever a file is written there by the unix server, it typically comes across as having permissions only of SYSTEM and read. ...
    (microsoft.public.win2000.active_directory)
  • Re: Modifying sudoers
    ... >> Right now it seems that 'sudo' gives the same permissions as root. ... >> want any user to do admin work. ... damage to the systems installation. ...
    (comp.sys.mac.system)
  • Re: What should be the permissions on a font?
    ... and would like to know what the permissions, owner, group, and others should be set to. ... These fonts will be accessed by six different accounts, ... Wheel is a root related group associated with system operations. ... Apple keeps changing their permissions phylosophies from release to release so nobody's installation matches anyone elses it would seem. ...
    (comp.sys.mac.system)