[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM Recipe to Authenticate on Either the User's Password or Root's Password



On 5/13/06, Les Mikesell <lesmikesell gmail com> wrote:
> > It's more program philosophy than a social issue.  When you
> > disagree with the author about what the program is supposed
> > to do, the source code is the place to start.
>
> I don't get your meaning. I want to use `sudo` for the purpose it was
> written, to execute a command as another user.

That's really the purpose of 'su'.  Sudo exists for the case where
you don't know the other user's password.  None of the limitations
that sudo provides mean much if the user executing it has the
option of using su directly or simply logging in as the other
user.

This is the kind of debate I was hoping to avoid, as I think it scares
away possible solutions.

The way I see it, there are two camps with views on `su` and `sudo`.
One camp thinks `su` should be used for system administration and that
`sudo` should be used by less trusted users or avoided altogether. The
other camp thinks `su` should be avoided by everyone and that even
administrators who know the root password should opt to use `sudo`.

I don't want to argue over who is right, though if you want to debate
`su` verses `sudo` you can start another thread. My desire is merely
for a technical answer.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]