[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


Hash: SHA1

On 12/03/07 10:47, Michael Pobega wrote:
> On Mon, Dec 03, 2007 at 05:27:17PM +0100, Dan H wrote:
>> On Mon, 03 Dec 2007 15:47:09 +0100 Jostein Elvaker Haande
>> <jehaande@gmail.com> wrote:
>>> erik	ALL=(ALL) ALL
>> I've always heard people discouraging root logins or "su" and using
>> sudo instead. I know how sudo works and how to fine-tune system access
>> with it, but is the above suggestion in any way different or safer
>> than a root login?
>> --D.
> Using sudo the way Jostein suggested is just as open to problems as
> logging in as root is, and should be avoided at all costs. Sudo was made
> to save the user from hassle, for example, to play Wesnoth I need to
> have access to the SDL framebuffer, but since you need to have root
> permissions to access it I granted myself permissions just to Wesnoth.

Wouldn't it be better to just give the "games" group rw access to
the SDL framebuffer, and add yourself to the games group?

> pobega	ALL=NOPASSWD	/usr/games/wesnoth
> And aliased in my shell:
> alias wesnoth	'sudo /usr/games/wesnoth'
> So when I run `wesnoth`, the framebuffer is automagically started and
> I'm granted root permissions just for this one operation.
> At least, that's how I think sudo should be used. I suppose you could
> take ten people and they'd each find different uses for a single
> program, but sudo is in NO WAY a replacement for su. 

- --
Ron Johnson, Jr.
Jefferson LA  USA

%SYSTEM-F-FISH, my hovercraft is full of eels
Version: GnuPG v1.4.6 (GNU/Linux)


Reply to: