From owner-freebsd-questions@FreeBSD.ORG Thu Apr 5 09:01:08 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EDD9F16A402 for ; Thu, 5 Apr 2007 09:01:07 +0000 (UTC) (envelope-from cptsalek@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.184]) by mx1.freebsd.org (Postfix) with ESMTP id 923A013C468 for ; Thu, 5 Apr 2007 09:01:06 +0000 (UTC) (envelope-from cptsalek@gmail.com) Received: by mu-out-0910.google.com with SMTP id g7so766359muf for ; Thu, 05 Apr 2007 02:01:05 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=g01lKegPdmD5LMzxiEAR0u1aWc8f7JbLfp0wv1tHT0xJ5+wy+O0Obn6EfeGaarQvEmHlO9YBSAd01ZFjpm+HPZcyrFOSPSIqPttdf65j/cd9vs9NC0MEttwhQIado4oCctYsoR9F5WSehWIbyJoFqFAjdzHCbn7sdJ07l6vGBmk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=IyHQblTWYDvanPsDrq1zm81I3NuqOSAszcexOP5EnO11WMYC50Agi8QgdXYHpICcNrkWolaHXPezv/FxVGFCfvI4IcwvB1gQK4HWyMnxblhdqQbDl079+W62rshY8v/PReLYSalb615Ip9DEQe5LrGYNPrP2yp4PFPBrq30puzA= Received: by 10.82.146.14 with SMTP id t14mr2185292bud.1175763664728; Thu, 05 Apr 2007 02:01:04 -0700 (PDT) Received: by 10.82.158.7 with HTTP; Thu, 5 Apr 2007 02:01:04 -0700 (PDT) Message-ID: <14989d6e0704050201s6be99be8m62aa6822299e0e6a@mail.gmail.com> Date: Thu, 5 Apr 2007 11:01:04 +0200 From: "Christian Walther" To: Schiz0 In-Reply-To: <8d23ec860704050154j7d0cfed5n631611f4afe32006@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <7d4f41f50704050142v9c73a17tb1812f218ea4416@mail.gmail.com> <8d23ec860704050147r7b7daef2k432bb20a27ae8098@mail.gmail.com> <8d23ec860704050154j7d0cfed5n631611f4afe32006@mail.gmail.com> Cc: freebsd-questions@freebsd.org, Pietro Cerutti , victor.engmark@gmail.com Subject: Re: Should sudo be used? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2007 09:01:08 -0000 On 05/04/07, Schiz0 wrote: [Moved answer to the bottom -- please don't use top post] > > On 4/5/07, Pietro Cerutti wrote: > > > > On 4/5/07, Schiz0 wrote: > > > I don't use sudo. I find it rather pointless. If I need to do something > > as > > > root, I use su to gain root privileges, then when I'm done, I exit and > > > return to the original user. The user running su must be in the group > > > "wheel" to be able to su to root. This is a simple yet convenient > > security > > > system. > > > > What when you have several people with different privileges wanting to > > do stuff that normally only root can? Would you give your root > > password to everyone, or rather install sudo and define exactly what a > > user can do? > > > True, if that was the case I'd use sudo. But I'm the only user on my systems > that I'd trust with root access, so there's no point with my setup. Well, sudo makes execution of several commands or script as another user quite simple because there's no need to enter the root password. For example I've three Access Points at home, but my machine can't connect to the "nearest" one automatically. So I need to issue "ifconfig ath0 scan" as root. Since I'm not root all the time, I defined an alias that executes the command using sudo. It's just one word, and I'm set. My girlfriend is using my old Laptop know, and I installed FreeBSD on it, too. So she needs the command, too. Since she isn't used to the Console I defined a new program/button in KDE she can press. So you see, there are reasons to use sudo even if you're the only user on a system. But as anywhere else in the Unix world, there are several different ways of how to perform a certain task, and the way one chooses is up to him/her.