Date: Sun, 31 Dec 2006 14:02:00 -0800 From: perryh@pluto.rain.com To: chris@childeric.freeserve.co.uk Cc: questions@freebsd.org Subject: Re: what is operator group for? Message-ID: <45983358.Juh4OWC8uNEjIKjw%perryh@pluto.rain.com> In-Reply-To: <4597CCA6.3080404@childeric.freeserve.co.uk> References: <4597CCA6.3080404@childeric.freeserve.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
> can anyone tell me what the operator group is for, or docs where I can > read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both > executable by members and various things in /dev/ are mountable by them. My understanding is that group "operator" is intended for those who deal with devices, e.g. running backups and monitoring printers. > I want a regular user to be able to mount removeable media and shutdown > the computer. If I make them a member of operator group what else am I > allowing them to do? With the usual permission settings, you are also allowing them to read disks directly (e.g. with dump(8)), and thus to read any file on the system -- including the system's and other users' private key files. One alternative is sudo.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45983358.Juh4OWC8uNEjIKjw%perryh>