Re: Please help me to understand all the fuss acout Sudo.

Hey Penny, it's #17 in the FAQs in my signature.

*buntu has adopted a unique approach to empowering the installing user to use "sudo" for root-mode operations, using his/her original password. It's a good way to bend Linux into more of a desktop single-user kind of PC operating system, when it really wasn't directly designed to be that. Other Linux distributions which adhere to the original design, require someone to log in as root and give a root password, prior to installing software or altering any system files outside the user's directory. You can think of it as a shortcut way for the installing user to modify his/her system as desired, without going through the root login kubuki dance of other Linux distributions.

The "security risk" argument may have some merit in the realm of server operations, IMHO, but desktop users are still far better off with Kubuntu and sudo than they are with Windows, in terms of security. So that's the bottom line.

Re: Please help me to understand all the fuss acout Sudo.

In what context are they saying this?

Traditionally one has to either log in as root, or use the "su" command. When logging in as root, there is a natural tendency to stay logged in, and when "su-ing" it it easy to forget and not exit. Having a root account open is clearly a security risk, but it is easy to just always use root when needed and then log out right away. One just needs to remember - and understand the importance of doing it. That's where sudo comes in. It automatically logs out the user when they are finished.

I'm certainly no security expert, but I can imagine that there are ways to utilize the sudo arrangement to gain more access. Perhaps that is what those people are talking about. There's always nitpickers. I don't see Linux systems with sudo being compromised so perhaps the system actually works well nevertheless.

Sudo, is a program:
On a system like Debian, for example, one can install sudo separately and put a certain user or group (perhaps even just a process) in the sudoers file so they will be able to do a certain definable action. An example where this is needed is to shut down the computer from a GUI. This would otherwise require the user to open a terminal and log in as root. Sudo does that for you when you click shutdown.

Dibl is right, it is a convenience. I didn't like it at first because I figured that I should be able to remember to log in and out when needed. I now find it very convenient because it makes it a "no brainer". It really does work very well.

Anyway, I wasn't sure if you were referring to the actual sudo program, or the general concepts around logging in as root.

Re: Please help me to understand all the fuss acout Sudo.

Basically in my experience there are two schools of thought to "su" vs. "sudo" and it's really just up the the developers. Some distros allow "su" by default but not "sudo" and others are the exact opposite. It easy to change from one to the other.

I have to admit I am much less likely to totally bork a system using "sudo" vs. the "su". I'm not really sure why, but that's the way it happens. Even worse is allowing root log in to the GUI, which most distros don't by default.

At first, I found constantly typing sudo was a PITA, but now I see the benefit. 8)

And while we're on the topic: Never launch a GUI program using "sudo" or "su". This is the quickest way to trouble. With KDE use "kdesudo" or gnome "gksudo"