[ale] Stupid Question Time

Jim Kinney jim.kinney at gmail.com
Sat Feb 4 18:54:38 EST 2012


Excellent answer! Good job.
On Feb 4, 2012 6:13 PM, "David Tomaschik" <david at systemoverlord.com> wrote:

> On Sat, Feb 4, 2012 at 5:54 PM, Michael Nolan <michaeldnolan at gmail.com>
> wrote:
> > This is more of a follow up concept question...
> >
> > Why, if I used mount manager while in my user account, to mount the
> > drive with the two partitions (and probably had to enter my user
> > password), did it create mount points owned by root?
> >
> > It just makes no (real world) sense to me why, for the sake of
> > security and wisdom of using user accounts, (and not logging in as
> > root)... a command like sudo is even allowed to exist and be available
> > to the user account.
> >
> > I'm really not looking for an answer here... it's just an observation
> > from someone who is trying to apply logic to something they don't
> > understand, but want and need to.
>
> I think it's a very valid question, and deserves an answer.  Your user
> account can't mount devices, create filesystems (write to raw
> devices), etc.  There are a number of mechanisms by which elevated
> privileges are managed, and sudo is a mechanism for elevating those
> privileges.  In many ways, its similar to UAC on Windows (though long
> predates UAC) in that it gives you an ability to control with which
> privileges commands are run.
>
> Sudo also allows system administrators to control what commands a user
> can run and as what alternate users.
>
> The other oft-used mechanism for elevating privileges is actually
> using an IPC mechanism like D-Bus that allows unprivileged processes
> to "ask" privileged processes to perform tasks on their behalf.
>
> Hope that clarifies things!
>
> David
>
>
>
> --
> David Tomaschik
> OpenPGP: 0x5DEA789B
> http://systemoverlord.com
> david at systemoverlord.com
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20120204/dc8a5ff3/attachment.html 


More information about the Ale mailing list