Le Thu, 8 Apr 2010 13:48:34 +0200, Andreas Färber a écrit : > > Am 08.04.2010 um 13:10 schrieb PulkoMandy: > > > 2010/4/8 Ingo Weinhold <ingo_weinhold@xxxxxx>: > >> For administrative tasks that go beyond sudo'ing some program it > > > is > >> quite > >> handy to be able to log in as root. Besides "sudo bash" is usually > >> allowed > >> anyway. > > > > That's right for an unix OS. They usually don't let root log in an > > X > > session, and I think we'd want to do the same. But I think this > > needs > > some thinking about which things are root-only and which are > > allowed > > to the user. I'm not sure the unix way is that perfect for a > > desktop > > OS like Haiku. Does multiuser necessarily implies having a root > > account ? Is the Windows way (letting one or more users having > > "administrator" privileges) better ? how does mac os X handle it ? > > Solaris has a concept of assigning certain priviledges to users, too. > For instance, DTrace proviledges can be assigned as superuser once > and > then can be performed as the normal user, without special invocation. > For other tasks there's the pfexec(1) command, but no idea where the > differences to sudo are (which exists as well). This is called capability based security. There is quite a lot of research in this area I think. It might be an interesting way to explore. The logged in user would gain the needed capabilities to use app_server, mount filesystems... on its Tracker & Deskbar and their child processes. François.