-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Dec 03, 2007 at 05:27:17PM +0100, Dan H wrote: > On Mon, 03 Dec 2007 15:47:09 +0100 Jostein Elvaker Haande > <[EMAIL PROTECTED]> wrote: > > > erik ALL=(ALL) ALL > > I've always heard people discouraging root logins or "su" and using > sudo instead. I know how sudo works and how to fine-tune system access > with it, but is the above suggestion in any way different or safer > than a root login? > > --D. >
Using sudo the way Jostein suggested is just as open to problems as logging in as root is, and should be avoided at all costs. Sudo was made to save the user from hassle, for example, to play Wesnoth I need to have access to the SDL framebuffer, but since you need to have root permissions to access it I granted myself permissions just to Wesnoth. pobega ALL=NOPASSWD /usr/games/wesnoth And aliased in my shell: alias wesnoth 'sudo /usr/games/wesnoth' So when I run `wesnoth`, the framebuffer is automagically started and I'm granted root permissions just for this one operation. At least, that's how I think sudo should be used. I suppose you could take ten people and they'd each find different uses for a single program, but sudo is in NO WAY a replacement for su. - -- If programmers deserve to be rewarded for creating innovative programs, by the same token they deserve to be punished if they restrict the use of these programs. - Richard Stallman -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHVDM6g6qL2BGnx4QRAqhKAJ9XK9mdoEYkZzHzuv+w3mqqj1kRxgCeJBYG R3vVZd1pH3Xt/M7VHuRS5so= =VpNL -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
