From owner-freebsd-questions Tue Jul 2 11:48:50 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA29487 for questions-outgoing; Tue, 2 Jul 1996 11:48:50 -0700 (PDT) Received: from ime.net (ime.net [204.97.248.4]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA29478 for ; Tue, 2 Jul 1996 11:48:34 -0700 (PDT) Received: from kimiko.tcguy.net (buxton-5.ime.net [206.231.148.134]) by ime.net (8.7.4/8.6.12) with SMTP id OAA13754; Tue, 2 Jul 1996 14:44:14 -0400 (EDT) Message-ID: <31D96E27.4F97@ime.net> Date: Tue, 02 Jul 1996 14:44:55 -0400 From: Gary Chrysler Reply-To: tcg@ime.net Organization: The Computer Guy X-Mailer: Mozilla 3.0b4Gold (Win95; I) MIME-Version: 1.0 To: Jim Dennis CC: fqueries@jraynard.demon.co.uk, dwhite@resnet.uoregon.edu, questions@FreeBSD.org Subject: Re: src tree owners References: <201007021826.LAA23381@mistery.mcafee.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-questions@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Jim Dennis wrote: > > > > > James Raynard wrote: > > > > > Is it safe to chown the src tree so one can use it without > > > > > having to be su. > > > > > Is there a `proper` way for this? > > > > Why? You have to be su to write to anything in there by default (and I > > > > know this from many personal experieneces forgetting to su to root before > > > > editing my kernel config :-). > > > Erm, perhaps that was why he was asking? :-) > > > > Thanks James.. :) > > > > > In any event, you have to be root to be able to *install* anything > > > you've built from the source tree, so there doesn't seem to be a great > > > deal of point in changing it. > > > > Yes, I understand the need to be root for install. No problem. > > But what about general editing of the source. > > I would like to make it so *I* don't have to su. > > It's very anoying to get into tweaking a source file, Go to save > > and it pops up `Read Only`! > > > > I know, su'ing first will solve that problem.. :) > > > > > On Unix, the `proper` way is for configuration files to be owned by > > > root - it's not a good idea to allow just anybody to change them! > > > > I Agree! My question was/is about the Source tree! > > You might consider simply adding yourself to the 'bin' group > (and setting the SGID bit on the directories). The default > configuration seems to leave the sources g+w and owned by > root.bin. > Awe, Add myself to bin.. Hmm, I didn't think this was ok being root itself is not included in bin. Is there something thats included in the Handbook or Book that explains what groups the SysAdmin (su) should be included in? I don't remember anything anywhere making suggestions for newbies on what groups they should include _themselves_ in. Current groups for myself. wheel:*:0:root,tcg operator:*:5:root,tcg staff:*:20:root,tcg guest:*:31:root,tcg Otherwise it's a stock 2.1r group file! > In a multi-user environment you should consider installing > tripwire and being particularly careful to monitor it for > source tree changes. Anyone who can get a simply change into > any source file -- and get 'root' to build it can effectively > take control of the entire system. (This is true of the system > binaries as well -- but more insidious). > Not a problem, There will be *NO_ONE* except myself with write privilages to the source tree! I just want to be able to do it without su'ing to root! -Enjoy Gary ~~~~~~~~~~~~~~~~ Improve America's Knowledge... Share yours The Borg... Where minds meet (207) 929-3848