[dgplug-users] My response to "5.Why or Why not use sudo/su ? (2 versions of responses)
Anurag
gnurag at gmail.com
Mon Jun 30 13:13:15 PDT 2014
On Tue, Jul 1, 2014 at 12:53 AM, Sabniveesu Shashank <shashank at linux.com>
wrote:
> Hi,
>
> [
> *Simple response]*
> Think of what "sudo rm -R *" can do. It removes all files in your home
> directory - your downloads, your documents, music & videos and all changed
> settings of your daily used applications.
>
> Think of what "sudo rm -R /" can do. Well, if you know that "/" in
> GNU/Linux indicates the root of the entire disk structure, you know what
> you are messing with
>
> The danger is that if these are your second or further commands (with
> sudo), you won't be prompted for password even!
>
It is well thought and is there for convenience. sudo is designed to allow
system administrators to manage simple acls. With carefully configured
sudoers file one can configure which user/group is allowed to access which
commands, with which environment variables, and as which user.
In its simplest configuration (which is what most distributions ship), sudo
allows the admin/first user to execute all commands with authentication
caching. So, if the user with sudo access types "sudo nohup rm -R / &",
well, they asked for it!
As an analogy from daily life - A common kitchen knife can cause a lot of
damage if used carelessly but a skilled chef effortlessly uses it to cook
tasty meal.
Anurag
More information about the Users
mailing list