[OT Humor] "Obviously designed by morons"
suvayu ali
fatkasuvayu+linux at gmail.com
Mon Mar 21 23:23:57 UTC 2011
On Mon, Mar 21, 2011 at 1:19 PM, Joe Zeff <joe at zeff.us> wrote:
> If you have the root password, it's the wrong tool for the job. It's
> designed, AIUI, for people who *don't have* the root password to have
> *limited access* to specific root commands. It can also be used (as I
> described in a different message) to allow people *limited access* to
> programs that they'd not normally be able to run. If you have the
> password, there's no reason that I can see to pretend you don't. In
> fact, in Fedora, you can't even set sudo up so that you can use it
> without using the *root password!*
I don't follow your logic, how is using sudo with password improper.
Every time a user uses 'sudo <cmd>' _only_ that command is executed as
root. All other commands are executed as the regular user. Whereas in
a proper root shell aren't you prone to "grave mistakes" due to silly
things like typos, "forgot where I am in the directory tree" like
errors? To add to this using sudo also disables all aliases in
/root/.bashrc so you are protected from laziness inspired aliases like
'alias rm=rm -f'?
Aren't we after all humans and prone to error? Shouldn't elevating
privileges on a per command basis be a more reasonable practice even
though you know the root password?
--
Suvayu
Open source is the future. It sets us free.
More information about the users
mailing list