[GRLUG] Distro's - was GRLUG test comment
timschmidt at gmail.com
Thu May 4 17:50:58 EDT 2006
On 5/4/06, Collin <adderd at kkmfg.com> wrote:
> But the problem is that, in Ubuntu, the first user setup can do ANYTHING
> they want w/ sudo by just giving their own password. Sure, you have to
> enter your password but it still doesn't really do it's job of
> preventing a normal user from doing something dumb. Sure, it will ask
> for their password if they type rm -rf but it will not warn them why
> that's a really bad idea. Basically, that user IS root but with an extra
> password prompt before you do anything.
Since presumably, someone who is installing an operating system - thus
wiping out everything previously on that system - is a knowledgable
person, why should they not get sudo rights? Especially considering
that same person would be the one setting the root password anyway.
As for typing rm -rf, Ubuntu will not prompt for a password in that
situation. You're stuck with your regular user permissions. If a
system can be invented to protect a user's data from the user himself
I think someone would be a millionare.
> If a knowledgeable person is running Ubuntu then it's setup is probably
> fine. They'll be able to run their root commands without needing to be
> root and with the extra security of a password prompt. However, I'd
> doubt that it's sufficient protection against destruction in the hands
> of a novice.
You're still not quite getting it... when you run a command through
sudo, you _are_ root as far as that command understands. And sudo
performs sufficient security checks for that to be OK.
As far as destruction in the hands of a novice goes, see the previous
comment about a user and his data.
> I'd agree that sudo is better 'when properly configured.' I'm not sure
> Ubuntu fits that classification.
Ah. The first bit of usefull dialog in this thread. I would love to
talk about configuring sudo in various ways for various systems and
use-cases. Should we start a new one?
More information about the grlug