From: Sylvain Robitaille on
Chick Tower wrote:

> What's the difference between a normal user and an otherwise
> unprivileged user, Sylvain?

A normal user is usually associated with a human, and might belong to
multiple groups, whereas an otherwise unprivileged user is a "software"
user and should belong to only one group.

You don't need the "news" user to be able to mount disks, or output
audio, for example. On my systems, programs that are setuid are also
executable only to group "users", so that only "normal users" can run
them, not "otherwise unprivileged users" (which don't belong to that
group).

Does that clarify what I mean?

--
----------------------------------------------------------------------
Sylvain Robitaille syl(a)encs.concordia.ca

Systems analyst / AITS Concordia University
Faculty of Engineering and Computer Science Montreal, Quebec, Canada
----------------------------------------------------------------------
From: Chick Tower on
On 2010-06-24, Sylvain Robitaille <syl(a)alcor.concordia.ca> wrote:
> Does that clarify what I mean?

Yes. I just don't recall seeing them defined that way before. Without
those definitions, they seem identical.
--
Chick Tower

For e-mail: aols2 DOT sent DOT towerboy AT xoxy DOT net
From: Sylvain Robitaille on
Chick Tower wrote:

> ... Without those definitions, they seem identical.

Until you start to consider whether it makes sense for an "httpd"
process (for example) to be able to run "crontab" (or some other setuid
root binary), mount disks, or activate a microphone input, I suppose
that they are identical.

My examples are extreme, admittedly, but deliberately so ...

--
----------------------------------------------------------------------
Sylvain Robitaille syl(a)encs.concordia.ca

Systems analyst / AITS Concordia University
Faculty of Engineering and Computer Science Montreal, Quebec, Canada
----------------------------------------------------------------------
First  |  Prev  | 
Pages: 1 2 3
Prev: timout binary question
Next: What am I doing wrong ?