Re: sudo and UNIXes (was: audacity export wma format[1 more question])
On Fri, 25 Oct 2013 22:10:35 +0200
Ralf Mardorf <ralf.mardorf@alice-dsl.net> wrote:
> In the past I was against sudo, but nowadays I set up a root account
> (su) and sudo for my Linux and if I use Ubuntu I usually keep it as is,
> IOW just sudo, no root account. Security doesn't suffer from sudo, OTOH
> "ich bin schmerzfrei" as we say in German, somebody on this list called
> it a sledgehammer:
>
> #!/bin/sh
>
> xhost +
> gksudo -u chuser "$*"
> xhost -
> exit
Indeed it does have some qualities of a sledgehammer.
'xhost +si:localuser:chuser' will do the same with less side effects.
Copying right part of .Xauthority will remove the need to do xhost.
> C'mon, not all machines are multi-user top security environments.
Sure. Also you don't mind providing your credit card number and CCV to
the rest of the world. And in no circumstances you won't store any
files on any of those machines you don't want to show to anyone. And
you have no objections to help some poor kind soul to mine some
bitcoins. And you have to objections to participating in botnets or
send spam.
> If you talk about pros and cons sudo, first clarify for what task.
> Better add sudo, even without asking for a password, than have people
> running X sessions as root.
I never implied that sudo is a bad thing. It is Ubuntu-style sudo
(ability to run arbitrary command as a root) is a bad thing IMO.
> Without PAM we likely would run X audio sessions as superuser ;).
> http://jackaudio.org/linux_rt_config
Please tell that to that Lennart Poeterring guy who invented his own
RealTimeGizmo for his beloved PulseAudio ;)
Reco
Reply to: