Ubuntu user's report

Net Llama! netllama
Sat Dec 18 11:46:14 PST 2004 

On 12/18/2004 08:22 AM, Myles Green wrote:
> On Sat, 2004-18-12 at 07:37 -0800, Net Llama! wrote:
> 
>>On 12/18/2004 12:28 AM, Myles Green wrote:
>>
>>>Hi All, sorry for the length. If you're not interested in checking out a
>>>new distro you might want to forgo this email.
>>>
>>>I recently installed Ubuntu on my usual system in place of my usual
>>>distribution (Slackware) for no reason other than seeing what all the
>>>hype was about. Having used Debian in the past (potato), and liking it,
>>>I thought I was prepared for what I was about to encounter. Much to my
>>>surprise, I found that I wasn't. No hassles, just pop the disc into the
>>>drive, reboot, answer a (very) few questions, sit back and watch it
>>>install the basic system. After that was done, pop the disc out of the
>>>drive, reboot, answer a few more questions and, if you answered 'yes' to
>>>downloading software, off it goes and installs updated software (most of
>>>it security related). If you popped that disc back in after the reboot
>>>it installs more off the disc along with the downloaded software and in
>>>about 45 minutes (broadband Internet + high speed cdrom) you're looking
>>>at GDM ready to login. That is, unless you elected to do a custom
>>>install and set up a server which, I'm told, there are several folks
>>>doing and using in production systems.
>>>
>>>At no time are you asked to enter a root password, by default the first
>>>user created is added to the sudoers list. Now, I *did* have my
>>>reservations about this idea but I do (sort of) understand their
>>>reasoning. I also know how to type 'sudo passwd root' in order to
>>>circumvent that idea (I believe that's all that's needed) but I've
>>>pretty much gotten used to just typing sudo before any commands that
>>>require root privileges - this is after all not a mission critical
>>>system.
>>
>>Maybe i'm just missing something, but how is that more secure than using 
>>root?  If your box gets owned, now they don't even need to get root?
> 
> 
> As a desktop system no servers are installed so there no services
> offered and minimum risk. A (several actually) firewall(s) is/are
> available. Like I said, experienced users can enable the root account at
> will. Nobody says you _have_ to use Ubuntu so, for folks like yourself,
> "keep going people, nothing to see here".
> 
> No offence Lonnie, but Red Hat and or Fedora aren't for everyone and
> neither is Ubuntu or any other distribution. Isn't the freedom to choose
> a wonderful thing?
> 
> Happy Holidays,

I wasn't attacking ubuntu.  I just don't understand why sudo makes the 
box more secure.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
L. Friedman                       	       netllama at linux-sxs.org
Linux Step-by-step & TyGeMo: 		    http://netllama.ipfox.com

  08:45:01 up 110 days, 23:29,  9 users,  load average: 1.35, 1.18, 1.11

More information about the Linux-users mailing list