Re: SUDO
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/03/07 10:47, Michael Pobega wrote:
> On Mon, Dec 03, 2007 at 05:27:17PM +0100, Dan H wrote:
>> On Mon, 03 Dec 2007 15:47:09 +0100 Jostein Elvaker Haande
>> <jehaande@gmail.com> wrote:
>
>>> erik ALL=(ALL) ALL
>> I've always heard people discouraging root logins or "su" and using
>> sudo instead. I know how sudo works and how to fine-tune system access
>> with it, but is the above suggestion in any way different or safer
>> than a root login?
>
>> --D.
>
>
> Using sudo the way Jostein suggested is just as open to problems as
> logging in as root is, and should be avoided at all costs. Sudo was made
> to save the user from hassle, for example, to play Wesnoth I need to
> have access to the SDL framebuffer, but since you need to have root
> permissions to access it I granted myself permissions just to Wesnoth.
Wouldn't it be better to just give the "games" group rw access to
the SDL framebuffer, and add yourself to the games group?
> pobega ALL=NOPASSWD /usr/games/wesnoth
>
> And aliased in my shell:
>
> alias wesnoth 'sudo /usr/games/wesnoth'
>
> So when I run `wesnoth`, the framebuffer is automagically started and
> I'm granted root permissions just for this one operation.
>
> At least, that's how I think sudo should be used. I suppose you could
> take ten people and they'd each find different uses for a single
> program, but sudo is in NO WAY a replacement for su.
- --
Ron Johnson, Jr.
Jefferson LA USA
%SYSTEM-F-FISH, my hovercraft is full of eels
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHVFP+S9HxQb37XmcRAj/IAKCc7voHv7OCR9porqM8I9LwJfueCwCgrwUm
CT75ywY19GY70VOM5tzoDM0=
=Du3R
-----END PGP SIGNATURE-----
Reply to:
- Follow-Ups:
- Re: SUDO
- From: Michael Pobega <pobega@gmail.com>
- References:
- SUDO
- From: Erik Jakobsen <erik_ja@mail.tele.dk>
- Re: SUDO
- From: Jostein Elvaker Haande <jehaande@gmail.com>
- Re: SUDO
- From: Dan H <dunno@stoptrick.com>
- Re: SUDO
- From: Michael Pobega <pobega@gmail.com>