On Mon, Mar 15, 2004 at 11:35:42PM +0000, Clive Menzies wrote:
I use sudo for all my machines (servers and workstation) with full root
privileges. You can restrict what sudoers can do if you're concerned
about someone gaining access to your user account (man sudo).
So in that case you still need to su root for some tasks.
I think the main benefit is that you can't do something dangerous as
root, should you forget to revert to your user account. With sudo you
have to consciously sudo each command.
Do you feel like your own account has too many privileges?
You see where I'm coming from -- if I give myself enough access via sudo
to do normal stuff I'd need root for, then it's somewhat like having root
all the time. Well, I guess it's more likely to type rm -rf / than sudo
rm -rf / by mistake. I guess the key is to really limit what I can do
with sudo.
I'm changing my question, though. Let's put it this way -- say you
bought a machine and rack space from a provider and they only give you
sudo access to commands. Could you effectively manage the machine? And
if so would that mean then that your normal account had too much
privilege?