Complex security mechanism is unsecure

[Rahul Dhesi]

I think many of you are missing the point of having files owned by
root.

When root owns files, and keeps them publicly unwritable, nobody else
can mess with them.  If you let anybody else own files, you are giving
that user permission to change those files too.  If root ever uses a
file owned by somebody else, there's a security problem.

Hence for better security, root should own all files that it uses.
--
Rahul Dhesi <dhesi%cirrusl at oliveb.ATC.olivetti.com>
UUCP:  oliveb!cirrusl!dhesi