Re: SUDO

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Dec 03, 2007 at 05:27:17PM +0100, Dan H wrote:
> On Mon, 03 Dec 2007 15:47:09 +0100 Jostein Elvaker Haande
> <jehaande@gmail.com> wrote:
>
> > erik ALL=(ALL) ALL
>
> I've always heard people discouraging root logins or "su" and using
> sudo instead. I know how sudo works and how to fine-tune system access
> with it, but is the above suggestion in any way different or safer
> than a root login?
>
> --D.
>

Using sudo the way Jostein suggested is just as open to problems as logging in as root is, and should be avoided at all costs. Sudo was made to save the user from hassle, for example, to play Wesnoth I need to have access to the SDL framebuffer, but since you need to have root permissions to access it I granted myself permissions just to Wesnoth.

pobega ALL=NOPASSWD /usr/games/wesnoth

And aliased in my shell:

alias wesnoth 'sudo /usr/games/wesnoth'

So when I run `wesnoth`, the framebuffer is automagically started and I'm granted root permissions just for this one operation.

At least, that's how I think sudo should be used. I suppose you could take ten people and they'd each find different uses for a single program, but sudo is in NO WAY a replacement for su.

• -- If programmers deserve to be rewarded for creating innovative programs, by the same token they deserve to be punished if they restrict the use of these programs.
  • Richard Stallman -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.debian.org Links debian-announce debian-apache debian-arm-changes debian-beowulf debian-boot debian-cd debian-cd-vendors debian-changes debian-changes-digest debian-isp debian-kde debian-laptop debian-mirrors-announce debian-news debian-security debian-security-announce debian-testing debian-user debian-user-digest Request more information about Pantek

iD8DBQFHVDM6g6qL2BGnx4QRAqhKAJ9XK9mdoEYkZzHzuv+w3mqqj1kRxgCeJBYG R3vVZd1pH3Xt/M7VHuRS5so=
=VpNL
-----END PGP SIGNATURE-----

-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org