Re: Another Fedora decision

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 2015-02-04, Valeri Galtsev <galtsev@xxxxxxxxxxxxxxxxx> wrote:
>
> I'm neutral to sudo (even though I was taught "the smaller number of
> SUID/SGID files you have, the better). Yet, I'm considering it less safe
> to have regular user who can log in with GUI interface, and likely to be
> doing regular user stuff to have almighty abilities. Yes, I know, I know
> he has to prepend "sudo"... OK, this seems to be kind of question of taste
> in the majority opinion.

I think it's basically six of one, half-dozen of the other.  Is a user
any more or less likely to screw up his box if he has to log in as root
or has to use sudo?  I really don't know.  OTOH, forcing sudo does have
one advantage, in that every sudo command is logged.  (If you do sudo su
you lose that.)

> Yes, Debian and its clones have full fledged root account, only with empty
> password hash (thus making it account for which no password will match).
> You can enable it by grabbing root shell using sudo, then using command
> passwd to set password. voila.

I believe that on recent OS Xs this method no longer works (it used to).

As to the original topic (heh), isn't it a bit counterproductive to
complain about changes in Fedora or RHEL on this list?  Those
distributions are separate entities with their own decision making
processes.  If you want to complain about Fedora, go to their list
(which IIRC the OP pointed people to).  If you want to complain about
RHEL, buy a RedHat suport contract.  It seems to me that the only
legitimate complaints one could make about CentOS would be if they went
out of their way to make CentOS different from RHEL in a very suboptimal
way.  Do you really have any justification for complaining if CentOS
enforces the same password requirements on install as RHEL?

--keith


-- 
kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux