gksudo potentially very insecure
Colin Watson
cjwatson at ubuntu.com
Mon Jul 4 23:47:32 UTC 2005
On Mon, Jul 04, 2005 at 04:22:04PM -0400, Jack Jackson wrote:
> As Robert Storey points out in his *excellent* reviews of Debian and
> Xandros on DistroWatch, better safe than sorry:
>
> <snip>
> "...[O]ne safety feature I always install out of habit are some aliases
> that prevent me from accidentally wiping out files at the command line.
> Some distros enable this by default, but Xandros (surprisingly for a
> newbie distro) is not one of them.
>
> "To do this, open up the hidden files in your home directory .bashrc and
> .bash_profile add the following four lines:
>
> alias rm='rm -i'
> alias cp='cp -i'
> alias mv='mv -i'
I think that's a *bad* idea. The reason why I think this is that it
trains you to just type 'rm' in the sure knowledge that you'll get a
confirmation prompt - except that one day you'll be using somebody
else's machine that isn't set up this way, and you'll blow things away
by accident because you were relying on this prompt. It's even worse
when a distribution does this, because then a whole generation of users
get trained to assume that 'rm' prompts, only to find that it really
doesn't do so everywhere.
Instead, I'd suggest setting up aliases with different names, so "alias
srm='rm -i'" (safe rm) or whatever you want to call them. That way, when
you're using that friend's machine one day, you'll get "command not
found" instead of accidentally removing a bunch of files.
Cheers,
--
Colin Watson [cjwatson at ubuntu.com]
More information about the ubuntu-users
mailing list