Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Lawrence D'Oliveiro <ldo@nz.invalid>
Newsgroups: comp.os.linux.misc
Subject: Re: privileged user in RedHat
Date: Sun, 1 Sep 2024 23:42:09 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <vb2u4g$1lsoa$2@dont-email.me>
References: <20240828082101.617dadf2@dorfdsl.de>
	<u82cnVISw_fySlP7nZ2dnZfqnPSdnZ2d@earthlink.com>
	<varans$5b0$2@tncsrv09.home.tnetconsulting.net>
	<vb15a4$1dlt4$9@dont-email.me>
	<vb25r6$l0f$1@tncsrv09.home.tnetconsulting.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 02 Sep 2024 01:42:09 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="4a5afe94d383ad14ade5b4aaa17286ab";
	logging-data="1766154"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX19Yfn0HEEVKF0lLRAYCrFbP"
User-Agent: Pan/0.160 (Toresk; )
Cancel-Lock: sha1:Js9qGWAfbhlMz/A99N2guz3mMCg=
Bytes: 1456

On Sun, 1 Sep 2024 11:47:34 -0500, Grant Taylor wrote:

> On 9/1/24 02:32, Lawrence D'Oliveiro wrote:
>
>> So it takes the root user two steps to modify/delete that file,
>> instead of one.
> 
> Sometimes that extra step is all that's needed to prevent processes from
> falling off the rails.

To guard against accidents, yes.

To guard against malice, no.