06 November 2008

Sudo vs. Root

When I left the Ubuntu Technical Help List (where people sometimes get into arguments over matters of opinion), I thought it'd be the last time that I'd hear of this issue, but reality has it that people just can't stop ranting about it... much like the way I can't run from pretty lesbians - they just keep coming back to haunt me!!!

Thanks a lot, Fred. :P

-------- Original Message --------
Subject: Re: Firefox
Date: Thu, 06 Nov 2008 04:21:03 +0800
From: Wei-Yee Chan
Organization: Google Inc.
To: Fred A. Miller

Fred A. Miller wrote:
> Wei-Yee Chan wrote:
> Stupid things like the default of using sudo so users
> can have root access. NOT!!!!!!!!! I want a root account by default.
> MOST users I have I DON'T want having root access!!

Stop whining! *Lol* In fact, I have root enabled on my own system. I believe your "problem" can be easily resolved.

Just issue the following command:

sudo passwd root

The following thread might be of interest to you, particularly the conversation between Derek Broughton and myself.



eremit said...

OMFG. Indeed, this topic always comes back for haunting us.

I never understood that sudo vs. su discussion, but I followed it on several lists, forums and so on -- mostly with a devilish smirk.

In the end it's a matter of personal taste -- nevertheless I prefer sudo over su (are there really serious reasons for having time-unlimited root privileges?), as you can restrict sudo to just those commands that are really needed for a user or a specific job, and of course, because of the well-known-and-often-forgotten-root-powered 'rm -Rf /'. Okay, as long as your sudo is in the time limit, your system will be f**ked up too, but after timeout there won't happen much.

Wei-Yee Chan said...

Yep. They just rant on and on and on....

I feel that other than one's preference, one should also consider the situation at hand.

People that I got to know, who have security in mind, have differing views as to which is more secure. This is not surprising, as they see security as a straight-forward step-by-step process. It is a big mistake, as this approach fails to consider the facts of the situation. What works best in one situation may fail terribly in another. In contrast, my approach is dynamic.

It's one thing to have tons of knowledge in one's head, and quite another to apply that knowledge to real-life scenarios.