sudo and /etc/sudoers
Derek Broughton
derek at pointerstop.ca
Mon Dec 29 22:29:50 UTC 2008
Res wrote:
> On Mon, 29 Dec 2008, Matthew Flaschen wrote:
>
>> Karl F. Larsen wrote:
>>> Yes and it is seldom used.
>>
>> How on earth do you know?
>>
>> With a lot of thought, if I was running a
>>> Unix computer with many users I would disable sudo, get me a root
>>> password, and handle the users with which groups they belong to.
>>
>> Except magical groups alone will not let users have limited access to
>> root programs, which is of course the whole point.
>
> users should never be able to run root programs. this might be fine for
> your lil home 1337 b0x3n, but not fine in the real world.
LOL. What a ridiculous attitude from somebody who claims to be an expert.
_Somebody_ has to run root programs, and ime it is both possible and
advisable to have it not be somebody who is logged in as root. On one of my
large server systems, I am one of the two prime administrators - neither one
of us actually has the root password, which _does_ exist but only the
daytime computer room operator has. Works fine.
More information about the ubuntu-users
mailing list