Hi Antoine
On page http://winswitch.org/downloads/debian-repository.html
specifically on
http://winswitch.org/downloads/debian-repository.html?dist_select=maverick
you state.....
All the instructions below must be run as root, so open a terminal
and become root:
sudo su -
Then you go on to give the commands that should be run.
From an administrators perspective I would prefer to see each command
run with sudo.
So you would end up with
| Step 1: Import the packager's key:
wget -O - http://winswitch.org/gpg.asc | sudo apt-key add -|
Step 2: Maverick Meerkat (10.10)
echo "deb http://winswitch.org/ maverick main" > sudo tee -a
/etc/apt/sources.list.d/winswitch.list;
sudo apt-get update;
sudo apt-get install winswitch
There are a number of reasons for this, including the fact that on many
modern systems there is no root password so, as you have done you need
to use sudo anyway.
In a secured environment (yes even small business and domestic where
there are kids about) is would be common enough to find that su can't be
run with sudo, because while you may allow a user to do various tasks as
root you normally prevent them becoming root.
A good reason to use sudo in this case is the wget command.
While the "|apt-key add" needs to be run as root, I don't believe that
any command that retrieves information from a webpage or similar should
EVER be run as root.
Not that I know of any exploits in wget, but the potential is there, and
it could be disastrous.
|In my mind the most important reason to use sudo for each command is
simple....
you can't forget to relinquish root privileges, while if you are
using a root terminal, it is all too easy to continue using it long
after you should. Potentially doing harm to the installation.
I am on this soapbox because of exactly that scenario, I have just spent
about 14 hours recovering a customers system (forensic level recovery)
after they followed someone's instructions to become root before running
a series of commands.
The intended use of the root terminal complete they continued to use it
for other tasks and due to a simple typo erased half of their system,
including all of there data.
It wouldn't have been so bad, but at the time they had their backup
connected and damaged that as well!
I'll get off of my soapbox now.
Of course these same notes can likely be applied to any other
distribution that has sudo available too.
Regards
David G
_______________________________________________
Parti-discuss mailing list
[email protected]
http://lists.partiwm.org/cgi-bin/mailman/listinfo/parti-discuss
