[Nottingham] For info Fedora 17 out today

Martin martin at ml1.co.uk
Tue May 29 14:14:36 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 29/05/12 14:52, Jason Irwin wrote:
> On 29/05/12 14:41, david at gbenet.com wrote:
>> "Modern" blimey sudo was old hat like sh - but unless you can
>> edit the file command and append sudo to it then the average user
>> not going to be able to edit files that root can.
> Of course they can.  "sudo vi /foo/bar"  The whole idea to to
> restrict the potential damage that a user may cause.
> 
> If they are not in the "sudoers" group and have a genuine need to
> become root, they need to speak to whomever installed the system.
> 
> And if you need a root shell, "sudo su" is your friend.

Or more directly: "sudo -i"


>> Some folders - directories they will not be able to open.
> "sudo nautilus"
> 
> Again, if they can't see into the folder then either the admin was
> a plonker or they have no need to.
> 
> Maybe I spend too much time in the shallow end, wrapped in an
> Ubuntu bundle; but I really don't see the lack of a direct root
> og-in as being much of a issue.

For sshd, the first thing I check is that root login is disabled.

Disabling root login via whatever graphical front end is something I
consider to be a good idea also. Mandriva does/did allow graphical
root login but you got a very distinctive (red?) desktop to let you
know you shouldn't really be doing that...

Root login via the local console is all you should need for fixing
boot-up problems...

Once logged in as a normal user, you then have su/sudo to remind you
that you are making system changes. One case that does need rethinking
is for on-the-fly setting up of peripherals/networks such as printers
and WiFi, as explained by Linus not so long back ;-)


Otherwise... Yes, I'd say whatever such system was indeed "crap"! :-)

(Isn't that what has been rediscovered over the years for a certain
single-user with multiple "profiles" proprietary Marketeering system?...)

Cheers,
Martin

- -- 
- - ------------------ - ----------------------------------------
- -    Martin Lomas    - OpenPGP (GPG/PGP) Public Key: 0xCEE1D3B7
- - martin @ ml1 co uk - Import from   hkp://subkeys.pgp.net   or
- - ------------------ - http:// ml1 .co .uk/martin_ml1_co_uk.gpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/E2g4ACgkQ+sI3Ds7h07eajACfYzmTHkEpVvrgCUDr4E2Xlivv
U7oAn3JioNnhi+RrlSZhtZwy96C8bb73
=ubK2
-----END PGP SIGNATURE-----

More information about the Nottingham mailing list