> >>=20 People keep talking about sudo like it's the cat's meow, and maybe > >>for a single-user system it is. But sudo documentation very > >>explicitly warns that, if you're not careful about what you allow, you > >>could accidentally allow access to far more than you expected. > > > >=2E..it seems like a good idea on a single-user machine to allow sudo > >dpkg -i... sudo dpkg -i make_bash_setuid_root.deb > > I'm a bit confused ... you snipped out the part where I said that it's > probably fine for a single-user machine, then added your own comment to > that effect, and instructions for installing it ... > > For the record, I have it installed. But I still think that espousing > sudo as a panacea, without encouraging people to read the documentation > and understand the potential pitfalls, is not the right thing to do.
I think you got Colin wrong there (Colin please correct me if *I* got you wrong:) . Colin just gave an example how easy it is to exploit the sudo-privilege for using dpkg. Btw. allowing apt-get limits the packages you can install to a well defined pool, but I wouldn't bet anything on it being any more secure than allowing dpkg -i. (Can anyone bring light on this?) Johannes -- "More than machinery we need humanity" -- Charlie Chaplin, The Great Dictator
pgp00000.pgp
Description: signature
