Re: comments in /eetc/passwd and group

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Eric Shubert
Date:  
To: plug-discuss
Subject: Re: comments in /eetc/passwd and group
If you're the sysadmin for the host, then you should call the shots, and
do what you think best. When the system breaks as a result of doing
this, whose neck is on the line?

How did they get the idea that someone could edit this file, let alone
put comments in it? It's a rather absurd idea imo.

I think this is probably simply the wrong solution to some problem. I
don't believe you've told us what the problem is. If you do, perhaps
someone here would think of a more appropriate solution.

Shawn Badger wrote:
> I agree that editing them by hand is a very bad idea, but I have some
> people that insist on it and they above me in the Org chart.
>
> That being said some of those people want to include comments and such
> in the files. I can not how ever just say no that is a stupid idea
> without first having something to say why that is a stupid idea.
>
> I am working on the comments and blank lines first and then after they
> get used to that I can work on the hand editing portion, but for now I
> just need something solid other than poor practice.
>
>
>
> On Thu, Feb 4, 2010 at 10:46 AM, Craig White <
> <mailto:craigwhite@azapple.com>> wrote:
>
>     On Thu, 2010-02-04 at 10:03 -0700, Shawn Badger wrote:
>      > Somebody did mention security to me as well, but when I asked them to
>      > elaborate on it they couldn't.
>      > I agree you can maintain a separate file for the comments, but I am
>      > looking for something that would say if you have blank line lines in
>      > in the /etc/passwd or /etc/group file this can happen. And if you
>     have
>      > #comments in them this can happen, but so far I have not been able to
>      > find anything like that.
>      >
>      > In order to defend my stance, I need to be able to say this will
>      > happen if you do that.
>     ----
>     It seems to me that beyond...

>
>     # Do NOT hand edit these files under penalties that might include
>     # death, getting your hands chopped off or just termination.

>
>     seems to be unnecessary as hand editing passwd/group/shadow files is
>     fraught with potentially devastating possibilities and so many tools are
>     available to handle the job.

>
>     Not to mention that a system like LDAP is entirely capable of handling
>     comments.

>
>     But in fairness, I think there is a lot of context that you are not
>     sharing with us that would probably be meaningful to the discussion.

>
>     Craig

>
>
>     --
>     This message has been scanned for viruses and
>     dangerous content by MailScanner, and is
>     believed to be clean.

>
>     ---------------------------------------------------
>     PLUG-discuss mailing list - 
>     <mailto:PLUG-discuss@lists.plug.phoenix.az.us>
>     To subscribe, unsubscribe, or to change your mail settings:
>     http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

>
>



--
-Eric 'shubes'

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss