Another reason to prefer a real root over sudo
Smoot Carl-Mitchell
smoot at tic.com
Sun Feb 8 15:13:44 UTC 2009
On Sun, 2009-02-08 at 08:51 -0500, lee wrote:
> That may be good for the experts but what about the nubbies out there
> that do not have a clue as what trouble they can get into with su, if
> you want su account why not just go the way windose does it. Think
> about it
I find this whole argument amusing and it has reduced itself to being
mostly "religious". We have the "neo-su" folks, who believe in a return
to "su purity" when "su" was the only way to managed privilege
escalation. We have the "sudo mainstream" folks (which include the
Ubuntu architects, BTW) which have seen sudo proven to work in more than
a decade of use.
Personally, I fall in the later camp, but if folks want to turn off sudo
and use su on their personal machines, I really do not care.
One final thing I will mention on this thread is that sudo is more than
just running everything as root. It is a framework for finer level
privilege escalation control. Most folks who run desktop Ubuntu do not
use its power, since there is but a single user. But in a server
environment with multiple machines and the need for finer grain
privilege control, it is very useful. I have set up sudo in a server
environment and integrated it with LDAP authentication and was able to
manage privilege escalation across multiple machines from a centralized
LDAP store. It was a nice time saver.
--
Smoot Carl-Mitchell
Computer Systems and
Network Consultant
smoot at tic.com
+1 480 922 7313
cell: +1 602 421 9005
More information about the ubuntu-users
mailing list