Ralf Mardorf writes: > bad luck, but not for me. If somebody would > break my Linux, I would restore it from a backup.
I would not stay on this "not my problem" stance[*], and I would not trust backups as an absolute safety. > I don't understand why sudo should be less save. Because its standard configuration "abuses" the tool a bit and leaves a potential door open. > I still do not understand what exactly is more secure by using su, than > when having both su and sudo or only sudo. My opinion is "su to switch user for administrative tasks", sudo for those special cases where power is leased for certain tasks to certain people (having at least a better man page would not hurt in this). Debian is a distribution with a strong social commitment, a great package management and the stable distribution is rock solid. > For servers with many users there are for sure books written how to make > them most secure possible. For my PC and many other home PCs there is > zero need for much security. Nope. Those PC w/o security may become part of a swarm used for... whatever. Maybe silencing your favourite campaign. > AFAIK for the multi-user-system the biggest issue are USB ports and > optical drives. As long as users can chroot using a live CD there's no > need to care about su or sudo anyway. Physical security is indeed an issue. When attackers can put their greedy hands on a computer there is nothing to stop them :) > Perhaps somebody with real server experiences for real > multi-user-systems could enlighten us, if sudo does cause any issue and > why Debian anyway decided to make it a default. I had some in the past, even in the not so far past. Even if I am a senior developer, the Italian part of my signature says "Software farmer and sysadmin in others' wasted time [**]". And unguarded machines are a real boon for "wrongdoers". -- /\ ___ Ubuntu: ancient /___/\_|_|\_|__|___Gian Uberto Lauri_____ African word //--\| | \| | Integralista GNUslamico meaning "I can \/ coltivatore diretto di software not install giĆ sistemista a tempo (altrui) perso... Debian" Warning: gnome-config-daemon considered more dangerous than GOTO [*] http://www.thehypertexts.com/Famous%20Holocaust%20Poems.htm [**] "a tempo perso" means "in his/her spare time" and "a tempo (altrui) perso" is a terrible joke poiting to wasting others' time. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/21159.18357.179948.443...@mail.eng.it