On Friday, 29 January 2021 12:42:19 -03 to...@tuxteam.de wrote: > On Fri, Jan 29, 2021 at 08:12:20AM -0700, Antonio Russo wrote: > > [...] > > > But, more specifically to your question about sudo, let me argue > > that, at the level of paranoia required to be worried about sudo, > > you should also be worried about a LOT of other packages [...] > > I do appreciate and use sudo -- for me it reduces embarrasing > fat-finger mistakes significantly. > > But it's not everyone cup of tea, and to be fair, there's one > current privilege escalation vulnerability [1] around. It seems > easily fixable (Debian has a fixed version out, if you do use > sudo, check with [2]). > > So if you aren't using <foo>, it's wise to not install <foo>. > Complexity kills :-) > > Cheers > Hi, IMHO sudo within itself is not dangerous but the user/admin is. Sudo has a huge potential to be misconfigured and as a consequence to break down all and every safety barrier. Sudo is a very good tool - to shoot oneself into the foot. Good read: Sudo Mastery by Michael W. Lucas Cheers to y'all
-- Eike Lantzsch ZP6CGE