that darned ROOT problem

[Paul O'Malley]

Tony Arnold wrote:
snip

>come with different sets of packages; have different package management
>regimes etc. Surely it is a mistake to expect one package to behave
>exactly like another!
>  
>
On behalf of those who use and respect sudo over su, it has bailed me 
out on more than once occasion where I could look at the logs and cry in 
the place of eureka 'ahhhhh this is what I want to do now'.

>The real problem is that experienced users are expecting a root account
>and are surprised when they never get prompted for the root password
>during the install. I agree there should be a clear warning during the
>install stage, but I suspect many experienced users will just skip past
>that. I know I would! I don't know what the answer is, but I would like
>to avoid the Windows situation where 90% of users run by default with
>administrator privilege!
>
>  
>
Security is a double edged sword, without sudo you just lost the logs of 
who did what with root. There are companies I know where not using sudo 
is bad for the health of your continued employment. Yes it can be abused 
just like physical access can also be abused.

/var/logs/auth.log and its friends are justification enough in my mind 
for having this 25 year old command available and in use.

The 90% rule is easy to avoid people do sudo blah and then it goes away.

Not every user gets sudo access. I don't know why people have such 
resistance to it.
Fear?
Can't be that people use disk formatting much harder.

No, what we have here is a failure to communicate, with part of the 
userbase.
As far as I know there is nothing you can't do with su that you can't do 
with sudo.
You can even get a root shell.

Anyway after 63 plus or so mails maybe we can let this thread die.

Regards,

Paul O'Malley