On Thu, 2009-03-05 at 23:33 -0700, Petrus de Calguarium wrote: > Kevin Kofler wrote: > > > Giving out blanket sudo access to a user with no password prompt (not > even > > user password) means that user is effectively root. At that point I really > > wonder what's the point of having a separate user account (other than > > working around broken apps/libs which refuse running as root)... I'd > > suggest not setting up your sudoers that way. > > That has occurred to me, but it's my computer and I'm the only user, so > password or not, I am BOTH me and root, anyway. > > Do you really think it matters? What could happen, aside from making me > think a few nanoseconds longer before executing a command? Exactly the argument MS used to bandy about when trying to justify the fact that MS-DOS has no concept of user privileges. They've since wised up somewhat, but the whole UAC mess is a consequence of not doing it right from the beginning. To sum up: privileges are there to protect you both from malice and from idiotic mistakes. If you're the only user, you get to be the idiot from time to time. poc -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
