low-hanging fruit

Gian Paolo Mureddu gmureddu at prodigy.net.mx
Mon Aug 20 03:30:09 UTC 2007 

Colin Walters escribió:
> On 8/16/07, *Gian Paolo Mureddu* <gmureddu at prodigy.net.mx 
> <mailto:gmureddu at prodigy.net.mx>> wrote:
>
>
>     fine, adding sudo by default doesn't seem like very good idea for me,
>     especially after my experiences with *buntu systems where the whole
>     */sbin paths are visible to the regular users, 
>
>
> But what is a "regular" user?  If you have the Vista/OSX desktop spin, 
> "regular users" won't ever open a terminal (or really, any application 
> other than a web browser), and so the default path is completely 
> irrelevant.
>
> But as a developer, when I open a terminal I want ifconfig, damn it. 
Then change your .bashrc to include /sbin in the PATH, don't do it 
"universally" for all users and much less *enforce* insecure practices. 
Besides as I said, many of the /sbin commands run as regular users, and 
just like you I don't see the "burden" to use the full path... 
/sbin/ifconfig...
>
>     and though many of those
>     commands need proper authentication to do their job, there are quite a
>     few which can run with regular UIDs.  I've always thought that the
>     presence of a proper 'root' account in Fedora and Red Hat was way
>     better
>     than having one "disabled".
>
>
> It's unclear to me how the root account being enabled or not relates 
> to the path.
>
> Anyways, I couldn't care less about whether or not you can log in as 
> "root".  What is important is to kill password prompts, *especially* 
> prompts for two passwords.  If we killed the prompt for the updater 
> we'd be 90% there since that's the only thing that regularly prompts 
> (or used to) in day to day use.
Are we going completely out of our minds here?? Since when alerting the 
user that s/he's about to do something that will affect the whole system 
is a bad idea? I do agree that having two password pop ups might not be 
the best or most elegant solution, but neither is "opening up" the 
system and putting it at risk. Getting rid of that extra layer *is* 
putting the system at risk. Especially in the hands of inexperienced 
users (and I know and am aware that Fedora's traditional audience is 
*NOT* inexperienced users, and yet, the Forums are flooded with new 
users questions and issues... So I'd think of them too).
>
>
> This forum thread fixed it for me:
> http://forums.fedoraforum.org/archive/index.php/t-139634.html
>
> Let's just do it.

More information about the desktop mailing list