*OOps small error in the last email*
On 15/05/11 14:41, David Godfrey wrote:
Hi Antoine
On page http://winswitch.org/downloads/debian-repository.html
specifically on
http://winswitch.org/downloads/debian-repository.html?dist_select=maverick
you state.....
All the instructions below must be run as root, so open a terminal
and become root:
sudo su -
Then you go on to give the commands that should be run.
From an administrators perspective I would prefer to see each command
run with sudo.
So you would end up with
| Step 1: Import the packager's key:
wget -O - http://winswitch.org/gpg.asc | sudo apt-key add -|
Step 2: Maverick Meerkat (10.10)
echo "deb http://winswitch.org/ maverick main" > sudo tee -a
/etc/apt/sources.list.d/winswitch.list;
Should have read....
echo "deb http://winswitch.org/ maverick main" | sudo tee -a
/etc/apt/sources.list.d/winswitch.list;
sudo apt-get update;
sudo apt-get install winswitch
There are a number of reasons for this, including the fact that on
many modern systems there is no root password so, as you have done you
need to use sudo anyway.
In a secured environment (yes even small business and domestic where
there are kids about) is would be common enough to find that su can't
be run with sudo, because while you may allow a user to do various
tasks as root you normally prevent them becoming root.
A good reason to use sudo in this case is the wget command.
While the "|apt-key add" needs to be run as root, I don't believe that
any command that retrieves information from a webpage or similar
should EVER be run as root.
Not that I know of any exploits in wget, but the potential is there,
and it could be disastrous.
|In my mind the most important reason to use sudo for each command is
simple....
you can't forget to relinquish root privileges, while if you are
using a root terminal, it is all too easy to continue using it long
after you should. Potentially doing harm to the installation.
I am on this soapbox because of exactly that scenario, I have just
spent about 14 hours recovering a customers system (forensic level
recovery) after they followed someone's instructions to become root
before running a series of commands.
The intended use of the root terminal complete they continued to use
it for other tasks and due to a simple typo erased half of their
system, including all of there data.
It wouldn't have been so bad, but at the time they had their backup
connected and damaged that as well!
I'll get off of my soapbox now.
Of course these same notes can likely be applied to any other
distribution that has sudo available too.
Regards
David G
_______________________________________________
Parti-discuss mailing list
[email protected]
http://lists.partiwm.org/cgi-bin/mailman/listinfo/parti-discuss
_______________________________________________
Parti-discuss mailing list
[email protected]
http://lists.partiwm.org/cgi-bin/mailman/listinfo/parti-discuss
