The root login is associated with the complete list of system privileges, and as such can run any command on the system, edit or delete any file, create files and directories, shut down the system, and configure hardware.
If you write administrative software, it should not depend on being run by root (or with the effective user id set to root). Instead, your software should run with an effective user id whose associated list of privileges is just sufficient for the application to do its work, and no more. This prevents both unintentional damage to the system by unaware users and intentional damage by a malicious user intent on abusing the privileges given to your program.
Users can also be granted partial system privileges. Any user name can be given privilege (by a login privileged to do so).
If you are writing system administration software, it is important that you use privileges to enable your application. This allows a non-root user to perform administrative tasks.
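As an added example (not code from this manual page, and not using the system-specific tfadmin/filepriv privilege mechanism), the following portable C program enforces the rule above with the POSIX uid/gid calls: if it finds itself started as root it moves to a dedicated unprivileged account before doing any work, verifies that the drop cannot be undone, and refuses to continue otherwise. The service account ids are constructed placeholders.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently move the process to an unprivileged account (uid/gid).
 * Returns 0 once the drop is complete and verified, -1 otherwise.
 * Refuses uid 0: the tool is never meant to work as root. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0)
        return -1;
    /* Order matters: supplementary groups and gid first, because after
     * setuid() a non-root process can no longer change them. Only a root
     * process may clear supplementary groups. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify the drop is real and irreversible: all ids must match and an
     * attempt to regain root must fail (catches a saved uid left at 0). */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    if (setuid(0) == 0 || errno != EPERM)
        return -1;
    return 0;
}

/* 1 when the process currently holds full root privilege, else 0. */
int running_as_root(void)
{
    return geteuid() == 0;
}

int main(void)
{
    /* Constructed placeholder ids for a dedicated, unprivileged service account. */
    const uid_t svc_uid = 65534;
    const gid_t svc_gid = 65534;
    if (running_as_root() && drop_privileges(svc_uid, svc_gid) != 0) {
        fprintf(stderr, "could not drop root privilege, refusing to continue\n");
        return 1;
    }
    printf("working as uid %u (euid %u)\n", (unsigned)getuid(), (unsigned)geteuid());
    return 0;
}
```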
The command used to grant privilege to a non-root user is tfadmin(1M). The filepriv(1M) command is used to assign privileges to files.
For a review of all system privileges, see the ''Privileges'' section of the intro(2) manual page. Privileges are defined in the file sys/privilege.h.