[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] How To Saga

To: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Subject: Re: [Sheflug] How To Saga
From: "John Cooper" <john [at] xxxxxxxxxxxxx>
Date: Mon, 8 Aug 2005 12:07:30 +0100 (BST)
Delivered-to: shef-lug [at] list.sheflug.org.uk
Importance: Normal
List-help: <mailto:shef-lug-request [at] list.sheflug.org.uk?subject=help>
List-id: Sheflug <shef-lug.list.sheflug.org.uk>
List-post: <mailto:shef-lug [at] list.sheflug.org.uk>
List-subscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=subscribe>
List-unsubscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=unsubscribe>
Reply-to: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Sender: shef-lug-admin [at] xxxxxxxxxxxxxxxxxxx
User-agent: SquirrelMail/1.4.3a-0.f1.1

> On 05-Aug-05 lesleyb wrote:

>
>> It's just hidden away and sudo is being used to provide an
>> apparent way of avoiding people using the root account.
>>
>> The fact the account used in it's place needs to be guarded as
>> strongly as the root account of course makes the whole thing a
>> complete fag. imnsho :)
>
> Well, I'm very much inclined to the same view. On the one hand,
> if any user is to get full root powers then that user might
> as well be called "root", and have done with it.
>

I think that it's more of a usability thing than a full on security thing.
The root account is there and setup as usual but with the password
disabled. When you create your user they have access to the sudo command,
this in it's simplest for allows them to do the required admin functions
like adding software or changing network configs by entering in thier
password as a sort of reminder that they are doing something important.

Ubuntu is supposed to be for a simple desktop install so the whole concept
of root has been hidden from the user using sudo. But you still get the
standard protection of not letting them delete / without jumping through a
few hoops first!

> For those usages where a user may need restricted root powers
> for certain applications, then surely the usual route of setting the
permissions of an executable file by "chmod u+s" will do?
> Similarly, "chmod g+s" in appropriate cases.
>

True but this means keeping a tight control over the users, groups and
permissions of a load of executables that are set in a non standard way.

> I still have one final question about Ubuntu (which I'm still
> interested in trying out sometime)

Give the live CD a try, you can then have a full, if somewhat slower,
system to test.

> If one does "activate" the
> root account -- e.g. as suggested by Alex Hudson: "It doesn't
> have a password set by default, but 'sudo passwd root' fixes
> that if you like logging in as root." -- does one then have a
> normal system with root just like all other roots in the
> universe?
>

Yep. That's the point I think. If you really want to run as root then
there is only setting the root password an no large changes from the
standard Debian setup. You could of course use "sudo su - root" if you
want to use it for a short install or some such. But who logs in as root
anyway!

john

___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.

Prev by Date: Re: [Sheflug] Ubuntu newbie help please
Next by Date: Re: [Sheflug] PC Problem
Previous by thread: Re: [Sheflug] How To Saga
Next by thread: [Sheflug] .jpg print
Index(es):
- Date
- Thread