Root login

Raphaël Pinson raphink at
Thu Dec 7 16:55:52 UTC 2006

On 12/7/06, Scott Mazur <kubuntulists at> wrote:
> The desktop 'can' be a safer environment for root actions as it provides
> layer
> between the user and the system which could be used to prevent 'stupid
> user
> tricks' like deleting the root directory.  The power of sudu on a console
> is
> infinitely more dangerous as there is no limit to what the user can do
> with
> it.  The console is also a scary and confusing world for the user who is
> accustomed to the GUI.  They 'will not' fully understand what they're
> doing
> and will be just as likely to mis-type a command or try something they
> read
> else where in a different context.  And once they've totally blotted their
> system with an sudo command they didn't understand, there will be no
> recourse
> but to re-install and we're back into MS windows land.

On the contrary, sudo is much safer when dealt with properly, because you
can restrict the privileges to some commands, on some hosts, for some users.
For example, using

Cmnd_Alias PBUILDER = /usr/sbin/pbuilder
%pbuilder       ALL = NOPASSWD: PBUILDER

allows members of the pbuilder unix group to call /usr/sbin/pbuilder as root
on all hosts without entering a password, but nothing else. It can be
extended to a lot of things, so that a computer that is properly configured
with sudo is actually safer, and only a few users can have access to a few
commands. Typically, I think my mom should be able to upgrade her computer
with adept, but not use rm or such commands as root. So I would give her
sudo rights on adept/apt-get and so on but only on that.


Raphaël Pinson - raphink at
Ichthux - - Linux for Christians
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the kubuntu-users mailing list