Re: help, root overpowered ?

[Ray Olszewski <ray@comarre.com>]

sn00born wrote:
> Dear all,
> 
> I am a newbie. I play with linux CLI now (using chmod and chown).
> It seems to me that if I am using su -as root- I can use all directories 
> and files that I -by my own setting- not allowed. For instance I have 
> set chown 700 to some files and folder as a normal user. I think it will 
> prevent anyone else using it (even root). But when as root I can still 
> read the content of thet file.
> My question is, is that a normal in *nix world ? I imagine how powerfull 
> an computer administrator of a company will be. He can read *all 
> sensitive data* that beyond his level. Please tell me, and point me 
> where my understanding of this matter that was wrong. Sorry for the 
> unproper English.
> 
> Thank you very much in advance.

The answer to your question is YES. In a Unix setting, the root user 
cannot in practice be restricted from accessing anything on the system. 
This is not particularly a Unix/Linux thing; my understandling of 
Windows, for example, is that the Admin user there has the same sort of 
privlieged access.

The workaround is to give untrusted administrators more restriected 
privileges than root access. Some-root-level activities can be made 
available to a less-privileged "admin" account, either by using 
permissions or sudo settings or maybe other things I am not thinking of 
right now.
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs