I agree that editing them by hand is a very bad idea, but I have some people that insist on it and they above me in the Org chart.
That being said some of those people want to include comments and such in the files. I can not how ever just say no that is a stupid idea without first having something to say why that is a stupid idea.
I am working on the comments and blank lines first and then after they get used to that I can work on the hand editing portion, but for now I just need something solid other than poor practice.
On Thu, 2010-02-04 at 10:03 -0700, Shawn Badger wrote:----
> Somebody did mention security to me as well, but when I asked them to
> elaborate on it they couldn't.
> I agree you can maintain a separate file for the comments, but I am
> looking for something that would say if you have blank line lines in
> in the /etc/passwd or /etc/group file this can happen. And if you have
> #comments in them this can happen, but so far I have not been able to
> find anything like that.
>
> In order to defend my stance, I need to be able to say this will
> happen if you do that.
It seems to me that beyond...
# Do NOT hand edit these files under penalties that might include
# death, getting your hands chopped off or just termination.
seems to be unnecessary as hand editing passwd/group/shadow files is
fraught with potentially devastating possibilities and so many tools are
available to handle the job.
Not to mention that a system like LDAP is entirely capable of handling
comments.
But in fairness, I think there is a lot of context that you are not
sharing with us that would probably be meaningful to the discussion.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss