On Tue, 2011-06-14 at 11:23 -0700, Alan Coopersmith wrote: > On 06/14/11 10:05 AM, Gabriele Bulfon wrote: > > Thanx for your reply, > > I understand the security issue. > > But, is it so much more secure when you can just sudo commands? > > Where is the difference? > > With sudo, you choose to only run commands that need extra privileges > with those privileges - most of the commands a normal user runs don't > need that, so why use it and run the risk of either operator error > or buggy software doing more damage than normal? >
Which is useful in environments where you have jr. sysadmins, backup operators, etc., i.e. different roles, not all of which you want/trust to have full root access, so tasks can be limited to only those necessary to fulfill that role. On a boxes where I, or one or two others I know and trust, are the only admin(s), I find sudo a complete pita and never use it. When I want root it's because I need to get something done and sudo just gets in my way and adds unnecessary typing w/o any benefit - if I'm going to make a typo or brain fart so bad as to blow up the box, sudo is not going to save me. Much better to actually have a # in your prompt and adhere to the old sysadmin adage of sitting on your hands for 5 seconds before hitting enter... The point being here, that while sudo does have it's place, it's not the magic bullet some would have us believe it is. -- Regards-- Ken Gunderson _______________________________________________ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss