Kubuntu experience
James Wilkinson
ubuntu at westexe.demon.co.uk
Mon Apr 18 12:27:17 UTC 2005
Brian Astill wrote:
> I'd like to believe you and sincerely hope you are correct. BUT ...
> why can't I work in the standard way without sudo intervening? What I
> can do as "sudo" is controlled by root - in this case the ubuntu
> designers. If sudo as implemented by those designers denies me
> nothing, why not allow me the root login all the other unixen I know
> use as a matter of course?
OK: I'm a new Ubuntu user, I'm *not* a new Unix user: I admin Unix boxes
as part of my job.
How does this sound?
sudo allows advanced users (who presumably know what they're doing) to
get root login shells easily [1]. The people with experience of having a
separate root account will know what they're looking for and be able to
get it.
You know enough Unix that you're looking for "root". Newer users are
more likely to be "task-oriented". They don't have the background of
working as root; they just want to get the job done. And the "obvious"
way of getting jobs done in Ubuntu is to use sudo.
This is safer for new users because the alternative temptation is simply
to login as root and do everything as root. And it's the new users who
don't understand the implications of everything they do. It's the new
users who do stuff like typing
chmod -R 777 .*
in /tmp.
The design encourages them not to put themselves in a position where
they can seriously mess up the entire system. And it does this by
obscuring the dangerous root account. It's still there: you can still
get at it. But it's not too obvious to new users.
And that means they have to want to learn about Unix before they find
out about it.
It's not about limiting what you can do. It's about making the safe way
the easy way for new users.
James.
PS: My sigmonster, the script that chooses the signatures at the bottom,
came up with this signature unaided. I don't think that new users are
necessarily half-wits, but the concept isn't too far out. Half-measures
that anyone with the right knowledge can get around do at least mean
that the people with that knowledge can get around them, and the rest
have to stay in the safety zone.
Think of it as a Unix proficiency test before you're handed a root
login, if you will.
[1] Always assuming that they've got the *rights* to su - to root...
--
E-mail address: james | Remember, half-measures can be very effective if
@westexe.demon.co.uk | all you deal with are half-wits.
More information about the ubuntu-users
mailing list