| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
bizarre indeed...
bizarre indeed...
Posted Feb 17, 2005 9:43 UTC (Thu) by freddyh (guest, #21133)Parent article: OSDL's desktop specificaton
Please let us not try to make it possible for a non-root user to install another kernel. That would be the start of a lot of trouble!
FreddyH
(Log in to post comments)
bizarre indeed...
Posted Feb 24, 2005 15:10 UTC (Thu) by leandro (guest, #1460) [Link]
> let us not try to make it possible for a non-root user to install another kernel.
Why not? That the capability exists it does not mean it has to be abused. What is needed is the possibility of a sysadmin assigning this capability to himself or to some power user he trusts, for example an automated update tool.
bizarre indeed...
Posted Feb 27, 2005 8:10 UTC (Sun) by rqosa (guest, #24136) [Link]
I think the capability already exists, at least when using GRUB. Isn't it true that all that's needed is write access to /lib/modules, to /lib/hotplug if needed, to the directory where the kernels and initrds reside (usually /boot), and to the GRUB configuration file (often /boot/grub/menu.lst or /boot/grub/grub.conf); you could set these "chmod g+rwx" and "chgrp $TRUSTEDGROUP", and then users in $TRUSTEDGROUP could install kernels.