OT: MS and e-mail

Fairlight fairlite at fairlite.com
Mon May 24 20:30:19 PDT 2004 

With neither thought nor caution, Bill Vermillion blurted:
> 
> Not that last line about 'privledges of a logged-on user'.  This
> means that if you are running XP your normal account should not
> have adminstrator privledges.  Save that for 'admin' or some other
> adminstrative login.  It may help a little.

Yeah, but I wonder how many people do everything as administrator in 'doze,
like I know twits that do everything as root in *nix.  I don't even know if
it's possible.  I'm pretty new to the NT variants (2k, XP).  Kelly has w2k
and she has a regular user set up, and I think we've not used administrator
-once- since install.

But -if- it's possible, I can see large amounts of cluebies running
perpetually as administrator.

My favourite is still the person that came to me with a linux system that
was "acting oddly".  They'd been puttering about with perl and something to
"fix" permissions and ownerships throughout the entire directory hierarchy
of their MUSH (on their company's production machine, no less).  So they're
writing and testing programs -as root-.  Well he screwed up the recursion
code and it went all the way through the entire system.  Net result:  
     0777 idiotuser.users  --  on ALL files.

They were looking at a -complete- reinstall.  They had no idea how to fix
it, as they had no idea what had what modes, ownerships, etc.  In fact,
they were about to start the reinstall, and I told them to give me an hour.
About 20min later, I'm already running my new little program, which forced
the system to repair itself.  Well, it fixed the core.  They still had to
fix anything that was not part of the core (/home, some bits of /usr/local,
and misc files like that), but I fixed the core OS good as new.  

Under 10 lines of neatly-formatted perl.  Let's say RPM has some nice
features, and it's handy to let the system fix itself.  I then promptly
billed them somewhere around $800 for the emergency call, the partial cost
of a fresh install and reconfiguration (which they would have done anyway),
and a stupidity surcharge.  (I don't believe I actually broke out the
stupidity surcharge explicitly in writing, but I was sure thinking of it in
those terms.)  I think they stopped the guy from coding and testing as root
after that.   I told them, it's either a production system or a personal
system--pick one.

They actually didn't grouse about the money.  The owner wasn't happy,
but it was the employee he was unhappy with.  I saved them several days
of reconfiguration anyway.  They'd have spent more fixing it their way,
counting loss of business while it was being fixed.  Much more.

The sad thing is that this was their "admin" that did it, and he'd
apparently not heard of the -R option to chmod and chown.  He didn't even
-need- a program to do what he wanted.

It's precisely experiences like this that make me wonder how many people
are running as root (I know wayyyy too many places where every user is UID
0 to "fix the problem of everyone not being able to write to the same
files/directories") on *nix, or if it's possible in 'doze, as blanket
administrator rather than a user.

mark->
-- 
Bring the web-enabling power of OneGate to -your- filePro applications today!

Try the live filePro-based, OneGate-enabled demo at the following URL:
               http://www2.onnik.com/~fairlite/flfssindex.html

More information about the Filepro-list mailing list