bug and solution
themuso at ubuntu.com
Thu Nov 24 23:06:20 UTC 2011
On Fri, Nov 25, 2011 at 05:10:50AM EST, Luke Kuhn wrote:
> What is the effect of this going to be on upgrades? I generally treat Ubuntu and its derivates as an unstable distro, keeping repos on the current alpha and known good snapshots on backup partitions. My last scatch-install was a laborious rebuild of my personal OS using Oneiric to switch to 64 bit, followed by immediate update to Precise, then just a couple weeks old. I haven't seen any sudo bugs yet, but on single-user systems it is common to use the same sudo and root password. After all, any damage that an online attacker can do using one of them can be done using the other, and with only one there are half as many chances of finding it by a brute-force attack.
At this point, I'd say that groups will be left alone for upgrades, mainly because the files that store group and sudo informatino in /etc, are considered configuration files, which the user may have modified, so policy is usually to leave them alone, or ask if you want them to be overridden with the new file, but if using update-manager, I believe this stuff is usually worked around/taken care of already, so the user doesn't get any prompts during upgrade, at least so far as I know, I don't upgrade, I've never found upgrading reliable, even with a fresh install.
More information about the Ubuntu-Studio-devel