kdesu and sudo
auspex at pointerstop.ca
Thu Apr 21 08:41:41 CDT 2005
On Wednesday 20 April 2005 21:01, Hannes Hauswedell wrote:
> > And if your root account is compromised? I can't conceive of a situation
> > where root is any more secure than a user account
> root is more secure than a user account because its not used as a user
> account! you will not run potentially harmful code from your root account,
> but from your user account you might. i want to be sure that when i run a
> script out of my user account that it CANNOT do anything harmful to my
That's crap, and you know it. Give people access to a root account, and they
inevitably use it when they shouldn't. When I run a script out of my user
account, it cannot do anything harmful, either. Unless I prefix it with
"sudo" - and how, in effect, is that the slightest bit different than the old
option of typing "su".
> > If this behaviour ever merges to Debian,
> i hope not and i believe it wont.
> > This method is more secure
> i dont think it is! and isnt opensource about options? i probably gotta
> hack it together myself, because you seem not to be to happy with providing
> the option....
You can _always_ install kdesu from Debian, and allow logins on the root
account. You _have_ the choice. As for the "you seem not to be to happy with
providing the option....", who the #$%^&* do you think I am? I'm not going
to go to the trouble of rewriting what I think is a good piece of software
for somebody who doesn't have a clue about security. Especially when I'm not
a kubuntu developer in the first place.
More information about the kubuntu-users