-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ralf Mardorf wrote: > Gustin Johnson wrote: >> I do not wish to assist people into reducing their security further. > > What's less secure if I have a user without superuser permissions and a > superuser account that I only will use if there is the need to. It's > more safe than the way it's for Ubuntu. > >> If someone can make such an educated decision, they certainly do not >> need my help. > > That reminds me to a discussion. I once would someone tell how to get > access to his Linux, while he has forgotten his passwords, but I wasn't > allowed to do this in an open forum, with a similar argument to yours, > plus the argument he might illegal hack a Linux of someone else. But > back to the topic. Why it's less secure the way "normal" Linux like
It could be argued that Ubuntu is "normal" since it is currently the most popular distro. > Debian, Suse and a lot of others do it, resp. what's more save if a user > only needs to type sudo? I don't want to have other people on my > computer being able to do things that only a superuser should be allowed > to do. > sudo can be restricted to only run certain apps by certain users or groups. Su is an all or nothing proposition, you either have complete access or you don't. Sudo is a very powerful application that is allows one to fine tune who exactly has access to what. Sudo also provides an audit trail, which is probably not of interest to many on this list, but is useful. I cannot possibly do it justice here, but you can find more information on sudo here: http://www.gratisoft.us/sudo/ By the way, only the first user created by the Ubuntu installer has access to sudo. > Your argument is paradox to the situation it's for Ubuntu. Ubuntu is > less secure, because ther's no superuser account. > The superuser account exists, you are just not allowed to login to it *by default*. Your conclusion is wrong because your argument is based on an incorrect understanding of the mechanisms involved. If you are genuinely curious then I would suggest you start by learning about PAM, sudo, and visudo (what you use to configure sudo). Of course you are free to do whatever you want to your system. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmuZvgACgkQwRXgH3rKGfPuOACgoUc3PnL8f7kGYN+yhIu0y+t/ jmMAnA6LJmr4mo+5NzuusJRQ7qzBwGrU =FE/h -----END PGP SIGNATURE----- _______________________________________________ 64studio-users mailing list [email protected] http://lists.64studio.com/mailman/listinfo/64studio-users
