Kubuntu experience

Dennis Kaarsemaker dennis at kaarsemaker.net
Mon Apr 18 10:29:33 UTC 2005 

On ma, 2005-04-18 at 18:36 +0930, Brian Astill wrote:
> On Mon, 18 Apr 2005 17:09, Dennis Kaarsemaker wrote:
> > On ma, 2005-04-18 at 16:52 +0930, Brian Astill wrote:
> > > The problem with sudo privilege is that you are always effectively
> > > running as root - all anyone has to do is type "sudo" before any
> > > command they wish to use - even "sudo rm -fR /* - to do whatever
> > > they wish with your system.  NOT secure.
> >
> > Nonsense, you still need to have the privilege to use sudo and type
> > in your password...
> 
> Depends how sudo is set up.   In ubuntu (warty - I can't speak for 
> hoary) default you are correct (thank goodness!)  but on many systems 
> set up in the situation I described, this is not so.

You can also set up su to not need a password, but by default you need
one. Just like sudo. So you still have no point here.

> > Sudo allows 
> > fine-grained access control.
> 
> Yes it does - but root is the one that exercises this control, not sudo 
> itself.

Root must create the configuration, do you seriously want a program to
do that for you? Talking about insecure...

> I repeat my statement and question "this sudo nonsense - rather than the 
> standard root plus personal account - has caused me grief.  WHY not 
> leave well enough alone, Mr Kubuntu?"

Using root accounts is less secure...

> The only answer that makes sense is that Mr Kubuntu HAS exercised some 
> "fine-grained access control" which will prevent me from doing 
> something on my system some time in the future.  If this is not the 
> case, why NOT use the standard setup?  It isn't difficult, after all.

Sudo is the standard, but you have a non-supported setup by using KDE on
Warty. You can expect troubles with that since the standard KDE setup
wants a root account. You do NOT use Kubuntu, just KDE on Warty. On
Kubuntu, which means KDE *INTEGRATED* with the rest of the system
sudo/kdesu works. You broke your system and blame it on Ubuntu, that is
not fair...

-- 
Dennis K.
 <- Are you suicidal?
 -> Only in the morning.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050418/4ea12a85/attachment.sig>

More information about the ubuntu-users mailing list