Not Remembering Root Password
Patrick O'Callaghan
pocallaghan at gmail.com
Fri Mar 6 19:46:27 UTC 2009
On Thu, 2009-03-05 at 23:33 -0700, Petrus de Calguarium wrote:
> Kevin Kofler wrote:
>
> > Giving out blanket sudo access to a user with no password prompt (not
> even
> > user password) means that user is effectively root. At that point I really
> > wonder what's the point of having a separate user account (other than
> > working around broken apps/libs which refuse running as root)... I'd
> > suggest not setting up your sudoers that way.
>
> That has occurred to me, but it's my computer and I'm the only user, so
> password or not, I am BOTH me and root, anyway.
>
> Do you really think it matters? What could happen, aside from making me
> think a few nanoseconds longer before executing a command?
Exactly the argument MS used to bandy about when trying to justify the
fact that MS-DOS has no concept of user privileges. They've since wised
up somewhat, but the whole UAC mess is a consequence of not doing it
right from the beginning.
To sum up: privileges are there to protect you both from malice and from
idiotic mistakes. If you're the only user, you get to be the idiot from
time to time.
poc
More information about the users
mailing list