On Thu, Oct 30, 2003 at 02:45:32PM -0700, Monique Y. Herman wrote: > On Thu, 30 Oct 2003 at 20:43 GMT, Pigeon penned: > > > > --PLVMksexArUZ/iL3 Content-Type: text/plain; charset=us-ascii > > Content-Disposition: inline Content-Transfer-Encoding: > > quoted-printable > > > > On Thu, Oct 30, 2003 at 11:03:23AM -0700, Monique Y. Herman wrote: > >> On Thu, 30 Oct 2003 at 15:52 GMT, Kent West penned: > >> > I echo Colin's thought. Forget about "su" and use "sudo". It takes > >> > an extra 5 keystrokes per command, but it "just works", and in my > >> > opinion is better than forgetting you're root and doing something > >> > you don't want to do. > >> >=20 apt-get install sudo visudo, add yourself a line similar to > >> >what's already there sudo command_to_be_run_as_root =20 > >>=20 People keep talking about sudo like it's the cat's meow, and maybe > >>for a single-user system it is. But sudo documentation very > >>explicitly warns that, if you're not careful about what you allow, you > >>could accidentally allow access to far more than you expected. > > > >=2E..it seems like a good idea on a single-user machine to allow sudo > >dpkg -i... sudo dpkg -i make_bash_setuid_root.deb > > > > I'm a bit confused ... you snipped out the part where I said that it's > probably fine for a single-user machine, then added your own comment to > that effect, and instructions for installing it ... Er, I left that bit in, then added an example to show how it may be little different from leaving root wide open if someone does get into your account... always a possibility if you're on the net. > For the record, I have it installed. But I still think that espousing > sudo as a panacea, without encouraging people to read the documentation > and understand the potential pitfalls, is not the right thing to do. Agreed. -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F
Attachment:
pgpaQa827jQod.pgp
Description: PGP signature