[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: low-hanging fruit



Colin Walters escribió:
On 8/16/07, *Gian Paolo Mureddu* <gmureddu prodigy net mx <mailto:gmureddu prodigy net mx>> wrote:


    fine, adding sudo by default doesn't seem like very good idea for me,
    especially after my experiences with *buntu systems where the whole
*/sbin paths are visible to the regular users,

But what is a "regular" user? If you have the Vista/OSX desktop spin, "regular users" won't ever open a terminal (or really, any application other than a web browser), and so the default path is completely irrelevant.

But as a developer, when I open a terminal I want ifconfig, damn it.
Then change your .bashrc to include /sbin in the PATH, don't do it "universally" for all users and much less *enforce* insecure practices. Besides as I said, many of the /sbin commands run as regular users, and just like you I don't see the "burden" to use the full path... /sbin/ifconfig...

    and though many of those
    commands need proper authentication to do their job, there are quite a
    few which can run with regular UIDs.  I've always thought that the
    presence of a proper 'root' account in Fedora and Red Hat was way
    better
    than having one "disabled".


It's unclear to me how the root account being enabled or not relates to the path.

Anyways, I couldn't care less about whether or not you can log in as "root". What is important is to kill password prompts, *especially* prompts for two passwords. If we killed the prompt for the updater we'd be 90% there since that's the only thing that regularly prompts (or used to) in day to day use.
Are we going completely out of our minds here?? Since when alerting the user that s/he's about to do something that will affect the whole system is a bad idea? I do agree that having two password pop ups might not be the best or most elegant solution, but neither is "opening up" the system and putting it at risk. Getting rid of that extra layer *is* putting the system at risk. Especially in the hands of inexperienced users (and I know and am aware that Fedora's traditional audience is *NOT* inexperienced users, and yet, the Forums are flooded with new users questions and issues... So I'd think of them too).


This forum thread fixed it for me:
http://forums.fedoraforum.org/archive/index.php/t-139634.html

Let's just do it.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]