-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/03/07 10:47, Michael Pobega wrote: > On Mon, Dec 03, 2007 at 05:27:17PM +0100, Dan H wrote: >> On Mon, 03 Dec 2007 15:47:09 +0100 Jostein Elvaker Haande >> <[EMAIL PROTECTED]> wrote: > >>> erik ALL=(ALL) ALL >> I've always heard people discouraging root logins or "su" and using >> sudo instead. I know how sudo works and how to fine-tune system access >> with it, but is the above suggestion in any way different or safer >> than a root login? > >> --D. > > > Using sudo the way Jostein suggested is just as open to problems as > logging in as root is, and should be avoided at all costs. Sudo was made > to save the user from hassle, for example, to play Wesnoth I need to > have access to the SDL framebuffer, but since you need to have root > permissions to access it I granted myself permissions just to Wesnoth.
Wouldn't it be better to just give the "games" group rw access to the SDL framebuffer, and add yourself to the games group? > pobega ALL=NOPASSWD /usr/games/wesnoth > > And aliased in my shell: > > alias wesnoth 'sudo /usr/games/wesnoth' > > So when I run `wesnoth`, the framebuffer is automagically started and > I'm granted root permissions just for this one operation. > > At least, that's how I think sudo should be used. I suppose you could > take ten people and they'd each find different uses for a single > program, but sudo is in NO WAY a replacement for su. - -- Ron Johnson, Jr. Jefferson LA USA %SYSTEM-F-FISH, my hovercraft is full of eels -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHVFP+S9HxQb37XmcRAj/IAKCc7voHv7OCR9porqM8I9LwJfueCwCgrwUm CT75ywY19GY70VOM5tzoDM0= =Du3R -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
