Kubuntu experience

William F Pearson III wfpearson at gmail.com
Tue Apr 19 02:23:37 UTC 2005 

I think most of the posts here have missed one major benefit to sudo:
With sudo in a multiple user environment you don't have to give every
user sudo priveledges. If you do happen to have more the one
administrator you can make it "against the rules to logon as root." By
forcing admins to use sudo you can effectively log which admin is
making whatever changes to the system. When someone breaks something
you know who broke it. You also cause a forced accountablility which
is absolutely necessary for a secure environment. Also if one admin
gets fired you don't have to change the root logon, you don't risk
malicious activity from an insider that knows that he will be
impossible to blame.

On 4/18/05, Sam Tygier <samtygier at yahoo.co.uk> wrote:
> mac os x uses the sudo model by default, so it can't be that bad.
> 
> i supose if you have a system with many users and one admin, then it makes sense for the users to be users and the admin to be root.
> 
> for me (and i imagine most ubuntu users) i am the only person who uses my computer (appart from my homes mates checking their email, and my sister playing pingus). i am the admin. from a conceptual point of view, why should i have two accounts? i am one person.
> 
> so why not have one account, sam, and thats what i log with everyday. sometimes i need to use synaptic, and i don't really want my housemates or sister to be able to mess around in synaptic, so it should require a password. this password is to prove that it is me, sam the admin, who wants to make a change. so it make sense that i type my password.
> 
> now this is only the default settings, and it is not at all hard to enable a root account. the only trouble is the gui tools seem to expect sudo (could they maybe check if the root account is enabled?)
> 
> also i think it is fairly easy with this model to have a play with the sudoers file and decide what commands you want to require a password or not.
> 
> and one final thing. most computer users have the same password for evrything, log on, hotmail, yahoo messenger, the phone banking secret word, etc. if they had a root account they would just use the same password. so to them a root account is no more secure from someone finding their password out.
> 
> sam
> 
> 
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> 


-- 
William F Pearson III

More information about the ubuntu-users mailing list