Hi, > Date: Thu, 25 Jun 2015 21:46:33 -0600 > From: b...@proulx.com > > The Wanderer wrote: >> In which case I return to my original comment on that point: although >> there might be situations where this setup could make sense, they would >> _not_ be for the casual user. As a setup for a sole computer intended to >> be administered by its sole user, this is simply a crazy design. > > I, like you, feel that being able to log in using a root password is > an essential requirement. However it is also true that Ubuntu is > designed for the non-technical and Ubuntu has chosen to disable the > root password by default and to provide sudo as the root access > method. Although I agree with you that it is crazy I have to admit > that there are a lot of Ubuntu machines out there with root login > disabled.
Having a single root account for administration is also bad from an accountability viewpoint: it's essentially an anonymous account. Having user-based accounts allows for much better control and transparency over "who did what". So while you think it is crazy to have to use sudo on a single-user machine, I think it's similarly crazy to enable the root account on machines that are administered by multiple people. The root account should be limited to emergency use only, and when your threat model doesn't include having to defend against physical access, the Debian approach of locking the root account and allowing passwordless login through sulogin is a perfectly reasonable and valid setup. Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/dub124-w460a5c57b12873b9424974b8...@phx.gbl