On Wed, Jun 2, 2010 at 8:59 AM, Solor Vox <[email protected]> wrote: > On 2 June 2010 10:31, Jim Cheetham <[email protected]> wrote: >> If you are the owner of the computer in question and you are >> "competant", there is no reason at all not to use root all the time. >> Just set your uid to 0 and be done with it. I'm as serious with that >> comment as I am with "writing passwords down", i.e. very serious. >> > This is both horrible and dangerous advice. First, we are human and I
Not really. It's an extreme position and I put the word "competent" in quotes. Personally, I don't run as UID 0 (although on my main workstation only I do permit sudo with no password for my user). I'm not going to bother with a point-by-point discussion of your comments, they're all sufficiently correct. I just don't agree that they are situations you need to guard against too strongly on a workstation where you should be able to rebuild from an ISO with minimal impact at short notice. That sounds a little bit like moving the goalposts for the discussion, but it's part of the definition of "competent" ... :-) >> However, if you are *not* the owner (i.e. in any business context) >> then sudo provides a very valuable audit log experience. You have 5 > > Sure, sudo helps with logs if the admins use it. Well, don't give them the choice. I'm talking about production systems in a professional services model (ITIL etc), not just a bunch of guys logging on to a webserver somewhere to hack on their blogs. In these environments, audit is far more important than giving the admin a pleasant work environment .. -jim
