Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 19 Feb 2016 22:17:42 +0000 (UTC)
From:      Christian Weisgerber <naddy@mips.inka.de>
To:        freebsd-questions@freebsd.org
Subject:   Re: minimize use of root account
Message-ID:  <slrnncf546.1c8b.naddy@lorvorc.mips.inka.de>
References:  <CACo--mv9qU2ZwtTuZRQBpioEr+enT=sd-SJ79BFumZt5aL18jg@mail.gmail.com> <1455859963.3464449.525672506.6773F275@webmail.messagingengine.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On 2016-02-19, "Ardie H. Hwang" <iam@ardiefox.me> wrote:

> Adding a normal user to `operator` group allows the user to use `shutdown(1) command. `reboot(1)` is only for root, but it can be substituted with `shutdown -r now`.

Note that group operator also grants read access to disk devices.
(The idea is that such users can run backups with dump(8).)
This effectively means read access to any and all files on those
disks, regardless of the filesystem permissions.

-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?slrnncf546.1c8b.naddy>