On Mon, Mar 21, 2011 at 1:19 PM, Joe Zeff <j...@zeff.us> wrote: > If you have the root password, it's the wrong tool for the job. It's > designed, AIUI, for people who *don't have* the root password to have > *limited access* to specific root commands. It can also be used (as I > described in a different message) to allow people *limited access* to > programs that they'd not normally be able to run. If you have the > password, there's no reason that I can see to pretend you don't. In > fact, in Fedora, you can't even set sudo up so that you can use it > without using the *root password!*
I don't follow your logic, how is using sudo with password improper. Every time a user uses 'sudo <cmd>' _only_ that command is executed as root. All other commands are executed as the regular user. Whereas in a proper root shell aren't you prone to "grave mistakes" due to silly things like typos, "forgot where I am in the directory tree" like errors? To add to this using sudo also disables all aliases in /root/.bashrc so you are protected from laziness inspired aliases like 'alias rm=rm -f'? Aren't we after all humans and prone to error? Shouldn't elevating privileges on a per command basis be a more reasonable practice even though you know the root password? -- Suvayu Open source is the future. It sets us free. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
