Web lists-archives.com

Re: [SOLVED] Re: Security hole in LXDE?




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Mar 06, 2017 at 08:58:25PM +0000, Joe wrote:

[...]

> A member of the sudo group has permanent root privileges. He might as
> well simply login as root every day, and not bother with another user.

Sorry, I've to disagree. It's a question of ergonomics. To some people
(may be not for you, and that's fine) it does make a difference to have
to invoke sudo and being prompted for a password (e.g. raise the level
of awareness, notice when an obscure app is trying to gain privileges,
whatever).

I switched from a su oriented setup to a sudo oriented setup many moons
ago and the ergonomy WorksForMe.

Stating things in as an absolute way as you did above is almost always
wrong. Or: All generalizations suck ;-)

> My understanding of the use of the sudo group was for multiple server
> admins, not workstation users.

Why that?

My only beef with the general exodus to sudo is that some (I think
the first was Ubuntu) thought you could do away with root password.
Until... you are in front of a box where the root file system check
failed and it prompts you for the root password for rescue. Sudo?
HAH.

Again: all absolutes are wrong, as I said :-)

regards
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAli+aS8ACgkQBcgs9XrR2kbCEgCdFZOKtyuroWvHTKgJc1VZVNk6
sf0AnRpLBaAfOQGFbRkwJkTvo4ryBaC7
=BeJ3
-----END PGP SIGNATURE-----