Hi David,
Note that you sent this to the parti/xpra mailing list, and not
winswitch's. I am cross-posting so those who are interested can follow
it up there but please remove parti-discuss when replying as this is not
related to the partiwm project.
Now, about the use of sudo: although I understand your concerns, my goal
is to keep the instructions readable and simple.
Those like you who do not wish to run the 3 lines of shell as root
should be able to work out where (gk)sudo needs to be added instead.
I much prefer telling the user in clear steps what is going on (ie:
become root) so they can use whatever alternative they want (su, ssh,
"terminal as root", etc), rather than forcing them to use sudo 3 times.
I guess it is also a matter of personal taste.
my 2p: people who erase filesystems with typos should not have root
access. Similar story for those who do not exit the root shell.
Cheers
Antoine
On 15/05/11 13:41, David Godfrey wrote:
Hi Antoine
On page http://winswitch.org/downloads/debian-repository.html
specifically on
http://winswitch.org/downloads/debian-repository.html?dist_select=maverick
you state.....
All the instructions below must be run as root, so open a terminal and
become root:
sudo su -
Then you go on to give the commands that should be run.
From an administrators perspective I would prefer to see each command
run with sudo.
So you would end up with
|Step 1: Import the packager's key:
wget -O - http://winswitch.org/gpg.asc | sudo apt-key add -|
Step 2: Maverick Meerkat (10.10)
echo "deb http://winswitch.org/ maverick main" > sudo tee -a
/etc/apt/sources.list.d/winswitch.list;
sudo apt-get update;
sudo apt-get install winswitch
There are a number of reasons for this, including the fact that on many
modern systems there is no root password so, as you have done you need
to use sudo anyway.
In a secured environment (yes even small business and domestic where
there are kids about) is would be common enough to find that su can't be
run with sudo, because while you may allow a user to do various tasks as
root you normally prevent them becoming root.
A good reason to use sudo in this case is the wget command.
While the "|apt-key add" needs to be run as root, I don't believe that
any command that retrieves information from a webpage or similar should
EVER be run as root.
Not that I know of any exploits in wget, but the potential is there, and
it could be disastrous.
|In my mind the most important reason to use sudo for each command is
simple....
you can't forget to relinquish root privileges, while if you are using a
root terminal, it is all too easy to continue using it long after you
should. Potentially doing harm to the installation.
I am on this soapbox because of exactly that scenario, I have just spent
about 14 hours recovering a customers system (forensic level recovery)
after they followed someone's instructions to become root before running
a series of commands.
The intended use of the root terminal complete they continued to use it
for other tasks and due to a simple typo erased half of their system,
including all of there data.
It wouldn't have been so bad, but at the time they had their backup
connected and damaged that as well!
I'll get off of my soapbox now.
Of course these same notes can likely be applied to any other
distribution that has sudo available too.
Regards
David G
_______________________________________________
Parti-discuss mailing list
[email protected]
http://lists.partiwm.org/cgi-bin/mailman/listinfo/parti-discuss
_______________________________________________
Parti-discuss mailing list
[email protected]
http://lists.partiwm.org/cgi-bin/mailman/listinfo/parti-discuss
