Re: Packages - what's the best way?

Bob Proulx <bob@xxxxxxxxxx> writes:

Tyler Smith wrote:
Doesn't the 'ALL=(ALL) ALL' line give the user unlimited authority
anyways?

It isn't about restricting privilege. Both have superuser privilege.
It is about the invocation environment.


I hadn't thought of that. Makes sense.

Sure if you are the only one using your own machine and nothing else
then it doesn't matter.

I do have a habit of forgetting that not everyone is running a
single-user laptop!


Is there any security benefit to logging in as a user with
unlimited sudo access over just logging in as root?

It isn't about security. Although the need to share passwords with su
makes it inherently less secure.



Accident prevention is an important safeguard. If you are operating
with your normal command line editing environment then you are less
likely to make mistakes.

Thanks for your comments. I'm still not sure about using 'ALL=(ALL) ALL'
in general, but at least I understand the other advantages of sudo over
su.

Cheers,

Tyler


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
Archive: http://lists.debian.org/87fwv0ric3.fsf@xxxxxxxxxxxxxxxx