[OT] sudo, why not su?

Magnus Therning magnus at therning.org
Wed Aug 10 20:39:37 UTC 2005


On Wed, Aug 10, 2005 at 11:38:14AM +0100, Colin Watson wrote:
>On Wed, Aug 10, 2005 at 07:55:38AM +0100, Magnus Therning wrote:
>> If you want to make it possible for everyone in the adm group to run all
>> commands you can add the following line:
>> 
>>  %adm ALL=(ALL) ALL
>
>Please, please don't do this. The adm group is only intended for reading
>files in /var/log (as /usr/share/doc/base-passwd/users-and-groups.txt.gz
>says); it's supposed to be safe to add users to the adm group in the
>knowledge that all they can do with it is read some log files. It will
>be horrible if people start using it for root-equivalence instead.
>
>We use the admin group for sudo instead.

I don't have an admin group on my system!

I based my setup on the following:

 http://www.us.debian.org/doc/manuals/reference/ch-tune.en.html#s-wheel

/M

-- 
Magnus Therning                    (OpenPGP: 0xAB4DFBA4)
magnus at therning.org
http://therning.org/magnus

Software is not manufactured, it is something you write and publish.
Keep Europe free from software patents, we do not want censorship
by patent law on written works.

The only intuitive user interface is the nipple. Everything else is
learned.
     -- Bruce Ediger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050810/4a152b97/attachment.sig>


More information about the ubuntu-users mailing list