Is it me or is it sudo?
T.C. Hollingsworth
tchollingsworth at gmail.com
Wed Mar 28 17:26:59 UTC 2012
On Wed, Mar 28, 2012 at 10:19 AM, Joe Zeff <joe at zeff.us> wrote:
> On 03/28/2012 08:29 AM, Reindl Harald wrote:
>>
>> on a usual desktop PC with a standard-user it is a VERY bad
>> idea because any attacker only needs to try "sudo anything"
>> to get full control over the machine
>
>
> My thoughts exactly. Except under very unusual circumstances I'm the only
> person who ever uses this PC, but I don't have sudo set up with nopassword.
> In fact, as I know the root password (being the person who installed
> Fedora) I don't have sudo set up at all. AIUI, sudo was written to allow
> people *who don't have the root password* limited access to administrative
> commands.
>
> Yes, I understand that there are times you have to use sudo instead of su in
> a production environment to ensure that everything gets logged, but I've
> never understood why anybody would do it at home. YMMV and all that jazz,
> but if this is a home box, I'd suggest asking yourself why you're bothering
> with sudo in the first place.
In my case, it's because `sudo yum update` requires 3 less keystrokes
`su -c 'yum update'`. ;-)
I generally only need root for one-off commands and IMHO sudo's syntax
for that is far nicer than su's.
-T.C.
More information about the users
mailing list