OK all, I understand from the comments that I should have studied the SUDO concept before commenting on it. Thanks for the humbling experience and thanks for not flaming me.
I do see the beauty of it now, especially the possibilities of drilling down to a command-level in the sudoers file. That is something windows can't do as far as I know. Thanks Frank -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: dinsdag 31 oktober 2006 8:00 To: [email protected] Subject: edubuntu-devel Digest, Vol 17, Issue 28 Send edubuntu-devel mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of edubuntu-devel digest..." Today's Topics: 1. Re: Creation of User profiles at install (Scott Balneaves) 2. Dual LAN card installation (John Ingleby) 3. Re: Creation of User profiles at install (David Trask) 4. Re: Dual LAN card installation (Oliver Grawert) ---------------------------------------------------------------------- Message: 1 Date: Mon, 30 Oct 2006 08:49:25 -0600 From: Scott Balneaves <[EMAIL PROTECTED]> Subject: Re: Creation of User profiles at install To: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii On Mon, Oct 30, 2006 at 06:58:03AM -0400, frank claessen wrote: > Edubuntu asks for one user only and that is an administrative user. > For security reasons I don;t think this is a good idea. Why not? How is this inherently less secure than a root account? By creating an initial priveleged user, that executes commands via the sudo command, you have better, fined grain control. For starters, anything issued via the sudo command is logged. Not so for a root login. As well, it more directly ties admin privs to a real userid, as opposed to the nebulous "root" account. In addition to this, every external hacker knows that any unix-like box has a "root" account, and so, it's frequently the subject of brute-force password attacks. Leaving this account disabled by default eliminates this worry. There's an entire wiki page documenting all these reasons, at the Ubuntu site. You might want to check it out. > Later on you can > change the password for the root account while being logged an as the > user that was created during installation ?!?!!!! Sure, it's still Linux, and there's nothing to stop a knowlegeble admin who's used to the old idea of an enabled root account from simply adding the password. The idea here is to *ship the OS in a default secure state*. There's nothing stopping me from creating users with empty passwords either. Or enabling writable anonymous FTP sites. Or installing the old rsh style commands. Nothing *STOPS* you from making your system *LESS* secure. That's the admin's choice. > Unbelievable!! How so? > Would like to know what others think about this. I would prefer the > way of the other distro's The key phrase in your email is "..other distros...". Other distros do it the traditional way. Ubuntu is doing something new, which has been proven to be no *less* secure than the old way, and certainly, one command post install (sudo passwd root) gets you "the old way" that you seem to like. Seems like an easy solution to me. Scott -- Scott L. Balneaves | "Looking beyond the embers of bridges glowing behind us Systems Department | To a glimpse of how green it was on the other side..." Legal Aid Manitoba | -- Pink Floyd "High Hopes" ------------------------------ Message: 2 Date: Mon, 30 Oct 2006 18:37:34 +0000 From: John Ingleby <[EMAIL PROTECTED]> Subject: Dual LAN card installation To: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain Congratulations on the release of Edgy Eft! I installed it today and the graphics are great. Coming from K12LTSP, which uses two network cards by default, I've always had a problem with Edubuntu's card detection because I still don't know what exactly is meant by the "primary" interface? Does "primary" refer to the external WAN interface (presumably connected to Internet) or the internal LAN interface? (presumably connected to thin clients). I think the wording on the installation screen could be made much clearer. This isn't a bug in the normal sense, it all worked out after a couple of tries, but a change in the wording would make installation much smoother. Thanks, John Ingleby ************ ------------------------------ Message: 3 Date: Tue, 31 Oct 2006 00:04:58 -0400 From: "David Trask" <[EMAIL PROTECTED]> Subject: Re: Creation of User profiles at install To: "frank claessen" <[EMAIL PROTECTED]> Cc: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1 frank claessen <[EMAIL PROTECTED]> writes: >Would like to know what others think about this. I would prefer the way >of the other distro's Ummm....in many other distro's I can log in as root from the GUI on the first login....Ubuntu doesn't allow that. Ubuntu is much more secure from a "first boot" perspective. What you do after that is up to you. David N. Trask Technology Teacher/Director Vassalboro Community School [EMAIL PROTECTED] (207)923-3100 ------------------------------ Message: 4 Date: Tue, 31 Oct 2006 09:17:12 +0100 From: Oliver Grawert <[EMAIL PROTECTED]> Subject: Re: Dual LAN card installation To: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="us-ascii" hi, Am Montag, den 30.10.2006, 18:37 +0000 schrieb John Ingleby: > I think the wording on the installation screen could be made much > clearer. This isn't a bug in the normal sense, it all worked out after a > couple of tries, but a change in the wording would make installation > much smoother. the wording should probably be "external interface" instead of "primary" and indeed thats a bug if it confuses you :) would you mind filing it so we wont forget to fix it for feisty ? it should be against the debian-installer package ... ciao oli -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Dies ist ein digital signierter Nachrichtenteil Url : https://lists.ubuntu.com/archives/edubuntu-devel/attachments/20061031/bcefd9 5d/attachment-0001.pgp ------------------------------ -- edubuntu-devel mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel End of edubuntu-devel Digest, Vol 17, Issue 28 ********************************************** -- edubuntu-devel mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel
