[Fwd: Re: [techtalk] Users, groups, admins, roots...]

Snarfblat coderman at mindspring.com
Wed Apr 19 11:04:06 EST 2000


I will learn how to reply...
I will learn how to reply... 

-------- Original Message --------
Subject: Re: [techtalk] Users, groups, admins, roots...
Date: Wed, 19 Apr 2000 10:22:44 -0500
From: Snarfblat <coderman at mindspring.com>
To: Ian Phillips <ianp at tibco.com>
References: <NDBBIBCHOLAKGOLCADNDOEEGCKAA.ianp at tibco.com>

Ian Phillips wrote:
> 
> > You cannot duplicate root. You can, however, duplicate some of root's
> > functions using sudo. I've never personally done it, but I know it can
> > be done.
> 
> Hmm, that disagrees with my story. But since I've been out of sysadmin work for about 6 months now I may well be in the wrong. If so, sorry for the bad advice.
> 
> Anyone care to give a definitive answer?
> 

I believe the difference in question is the fact that sudo and
other setuid programs do not run with a real user ID of root (0),
but with an effective user ID as root (0).  This is usually no
consequence, as most programs will let you do what you want if
your real OR effective user ID is root (attach to ports, read
files..)

However, there are some things that only a real root user can do,
and this is where a sudo or setuid program will not work.

I could be completely off base..  YMMV.

-- 
.oO()Oo.oO()Oo.oO()Oo.oO()Oo.oO()Oo.oO()Oo.oO()Oo.oO()Oo.oO()Oo.
    coderman at mindspring.com | http://cubicmetercrystal.com/
         "You are the product of a mutational union 
           of ~640Mbytes of genetic information."





More information about the Techtalk mailing list