Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Do you sudo?
Re: Do you sudo?
I don't use sudo generally because I have root access to all our machines. I have however set up sudo on our printerserver so that my SO can shut it down, and *only* shut it down of course (With no interest and no knowledge it doesn't make sense to have her log in as root).
Sudo?! What's that for?
I don't sudo if that does not prove absolutely necessary. The only motivation to use sudo that I might ever have, is to avoid typing the root password. In my opinion, that is not a justifiable reason to have a normal user accessing root privileges.
Irresponsible use of sudo may render one's system like swiss cheese.
This is Debian running sudo unnecessarily.
I don't sudo if that does not prove absolutely necessary. The only motivation to use sudo that I might ever have, is to avoid typing the root password. In my opinion, that is not a justifiable reason to have a normal user accessing root privileges.
Irresponsible use of sudo may render one's system like swiss cheese.
This is Debian running sudo unnecessarily.
Debian == { > 30, 000 packages }; Debian != systemd
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
Re: Do you sudo?
The only time I've used it was to start mpd and use my config, since su will use the root's.
Re: Do you sudo?
I've allowed reboot and halt commands to be executed without asking for password by normal user. "sudo halt" bound to WinKey+Pause is just too handy to live without.
Q: Why is the Eunux kernel so bloated?
A: It was made in the image of its founder.
A: It was made in the image of its founder.
Re: Do you sudo?
My user account is set up to use sudo but only for /usr/sbin/pm-suspend & /usr/sbin/pm-hibernate because I use Xfce 4.4 which doesn't have anything like Gnome or KDE's power managers. My wireless keyboard has a Sleep button so this is mapped to 'sudo /usr/sbin/pm-suspend'.
Aside from that I don't have a use for it. I can see it offers a lot of fine grained control over user privileges on systems with multiple users but imo it's best avoided or used as little as possible on single user (i.e. user+root) set ups. I have used Ubuntu in the past and frankly sudo Ubuntu-style is a concession to people migrating from Windows who have to be persuaded to even use a password. It's no more convenient than su but has disadvantages; some applications and scripts really do require the user to be root, and the 5 or 10 minutes of elevated privilege status after using sudo is a genuine nightmare because it isn't obvious or apparent and a simple mistake that would be inconsequential as user can be a serious when done with root privilege. It looks like an especially bad idea on systems administered remotely or those which allow any kind of remote or public access (web, ftp, webcontrol interfaces etc). I noticed that while Ubuntu desktop always uses sudo the Ubuntu server CD installer offers a non-sudo option. I assume the naive and the insane choose sudo.
Also setting up sudo is non-obvious and it's very easy to make horrendous errors, leaving the system completely insecure. I much prefer that root and users are clearly and unmistakably separated and impossible to confuse.
If I were wanting to target GNU/Linux desktops in the way that people target naive/unlucky Windows users my aim would be focussed 100% on Ubuntu simply because the way they use sudo could have been designed to make social engineering more rewarding than ever
I believe OS X also uses sudo in a similar way to Ubuntu and for similar reasons.
Aside from that I don't have a use for it. I can see it offers a lot of fine grained control over user privileges on systems with multiple users but imo it's best avoided or used as little as possible on single user (i.e. user+root) set ups. I have used Ubuntu in the past and frankly sudo Ubuntu-style is a concession to people migrating from Windows who have to be persuaded to even use a password. It's no more convenient than su but has disadvantages; some applications and scripts really do require the user to be root, and the 5 or 10 minutes of elevated privilege status after using sudo is a genuine nightmare because it isn't obvious or apparent and a simple mistake that would be inconsequential as user can be a serious when done with root privilege. It looks like an especially bad idea on systems administered remotely or those which allow any kind of remote or public access (web, ftp, webcontrol interfaces etc). I noticed that while Ubuntu desktop always uses sudo the Ubuntu server CD installer offers a non-sudo option. I assume the naive and the insane choose sudo.
Also setting up sudo is non-obvious and it's very easy to make horrendous errors, leaving the system completely insecure. I much prefer that root and users are clearly and unmistakably separated and impossible to confuse.
If I were wanting to target GNU/Linux desktops in the way that people target naive/unlucky Windows users my aim would be focussed 100% on Ubuntu simply because the way they use sudo could have been designed to make social engineering more rewarding than ever
I believe OS X also uses sudo in a similar way to Ubuntu and for similar reasons.
Wisdom from my inbox: "do not mock at your pottenocy"
Re: Do you sudo?
I can see that. Beats the hell out of just reaching behind the PC, and yanking out the power corddebil wrote:I've allowed reboot and halt commands to be executed without asking for password by normal user. "sudo halt" bound to WinKey+Pause is just too handy to live without.
Re: Do you sudo?
Just for yuks, I posted the same poll in the Ubuntu forums:
http://ubuntuforums.org/showthread.php?t=1173728
This should be interesting...
http://ubuntuforums.org/showthread.php?t=1173728
This should be interesting...
Re: Do you sudo?
If you discuss sudo vs su at ubuntuforums your thread will get canned pretty fast. If you offer to show anyone how to enable the root account on Ubuntu you will get banneddrokmed wrote:Holy crap, within seconds, it was moved to their non-discussion forum...
sudo is ubuntuforum's very own sacrament. Blasphemy and heresy quickly lead to excommunication by the high priests of hypocrisy & stupidity.
Wisdom from my inbox: "do not mock at your pottenocy"
- Absent Minded
- Posts: 3464
- Joined: 2006-07-09 08:50
- Location: Washington State U.S.A.
- Been thanked: 3 times
Re: Do you sudo?
I do all the administration here and there is no need for sudo. I view it as a security risk and do not recomend it to anyone.
Serving the community the best way I can.
Spreading the tradition of Community Spirit.
Please read some Basic Forum Philosophy
Give a man a fish, he eats for a day. Teach him how to fish, he eats for life.
Updated Nov. 19, 2012
Spreading the tradition of Community Spirit.
Please read some Basic Forum Philosophy
Give a man a fish, he eats for a day. Teach him how to fish, he eats for life.
Updated Nov. 19, 2012
- Soul Singin'
- Posts: 1605
- Joined: 2008-12-21 07:02
Re: Do you sudo?
Yeah, because if you make a mistake while messing with sudo on an Ubuntu system, you might never be able to run a command as root ever again.julian67 wrote:If you discuss sudo vs su at ubuntuforums your thread will get canned pretty fast. If you offer to show anyone how to enable the root account on Ubuntu you will get banned
.
Re: Do you sudo?
drokmed wrote:Just for yuks, I posted the same poll in the Ubuntu forums:
http://ubuntuforums.org/showthread.php?t=1173728
This should be interesting...
Burn drokmed at the stake!
Debian == { > 30, 000 packages }; Debian != systemd
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
Re: Do you sudo?
What can be done, can be undone. Grab a Live Linux CD and modify the root control files by hand. This is Linux, there are no secrets whatsoever!Soul Singin' wrote:Yeah, because if you make a mistake while messing with sudo on an Ubuntu system, you might never be able to run a command as root ever again.julian67 wrote:If you discuss sudo vs su at ubuntuforums your thread will get canned pretty fast. If you offer to show anyone how to enable the root account on Ubuntu you will get banned
.
Debian == { > 30, 000 packages }; Debian != systemd
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
Re: Do you sudo?
Code: Select all
sudo systemsettings
However I've recently found that there are other ways than sudo, so I use it just from habit...
Because let’s face it, the unfortunate aspect of software development is that it involves humans. Mewling, disorganized, miserably analog humans. Sometimes they smell bad.
Re: Do you sudo?
@ Tadeas
If you run KDE you can run any application as root as follows:
kde menu ---> Run Command
This dialog opens
Type the name of the application's executable, indicate that you want to run as root and type the root password for root.
If you run KDE you can run any application as root as follows:
kde menu ---> Run Command
This dialog opens
Type the name of the application's executable, indicate that you want to run as root and type the root password for root.
Debian == { > 30, 000 packages }; Debian != systemd
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
Re: Do you sudo?
Edbarx: I'm afraid there are not all these options in KDE 4. Yes, it works like this in KDE 3, but not here yet. The RUN dialog should improve a lot i 4.3...
Because let’s face it, the unfortunate aspect of software development is that it involves humans. Mewling, disorganized, miserably analog humans. Sometimes they smell bad.
- Soul Singin'
- Posts: 1605
- Joined: 2008-12-21 07:02
Re: Do you sudo?
That sucks. Try sux.Tadeas wrote:in KDE 4 ... there is still the bug that there is no button to get root privileges - and running systemsettings as a root (after su) fails because root cannot run graphical applications and I'm too lazy to search how to allow it.
.
Re: Do you sudo?
I have disabled root account and always use sudo with timestamp_timeout=0 in settings. I think it's even better than using su, because sometimes it's easy to forget that we are still using root account via su