> *but*, people often overestimate the safety provided by sudo. many [...lots of valid reasons deleted...] But that as well is not an argument against sudo. To continue that line of reasoning it is unsafe to connect a computer to a network. Root vulnerability exploits have existed in the past and certainly most people expect that more will be uncovered in the future. Therefore connecting a computer to any network is unsafe and by your line of reasoning should be avoided. And yet you have connected your computer to a network, for we received your email message and it arrived here by some means. By your own definition you are practicing dangerous computer security. For it is possible that you could easily misconfigure your mailer through lack of a detailed understanding of it. Many others have done so in the past proving that point. Hmm... Continuing that line of reasoning into the absurd... Connecting a computer to a power plug enables it to be cracked by vulnerabilities. If you never power it up then it can't be cracked. (Unfortunately that is the general reasoning of the security department at my employer.) There is also another use model where sudo is not providing extra security but rather providing extra safety as protection against accidents. For example, if you can touch the computer hardware there is very little security as there are many, many exploits against the hardware. Then in that case why use anything other than root when working on the console? It is not security but protection against accidents which is being provided. In that model use of sudo to execute targeted commands as root lessens the likelyhood that simple mistakes will cause trouble to the system. For example, 'sudo /etc/init.d/named reload' while not a completely safe command from a security standpoint is unlikely to cause trouble from a typo. Sudo is only going to allow your listed set of commands. But if the command is not in your list then it will be rejected. Therefore 'sudo rm -rf /' will fail and you will be glad of the accident avoidance. Bob
Attachment:
pgpM5taqlOIyd.pgp
Description: PGP signature