[CentOS] Another Fedora decision

Valeri Galtsev galtsev at kicp.uchicago.edu
Thu Feb 5 15:35:05 UTC 2015 

On Thu, February 5, 2015 12:49 am, Keith Keller wrote:
> On 2015-02-04, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote:
>>
>> I'm neutral to sudo (even though I was taught "the smaller number of
>> SUID/SGID files you have, the better). Yet, I'm considering it less safe
>> to have regular user who can log in with GUI interface, and likely to be
>> doing regular user stuff to have almighty abilities. Yes, I know, I know
>> he has to prepend "sudo"... OK, this seems to be kind of question of
>> taste
>> in the majority opinion.
>
> I think it's basically six of one, half-dozen of the other.  Is a user
> any more or less likely to screw up his box if he has to log in as root
> or has to use sudo?  I really don't know.  OTOH, forcing sudo does have
> one advantage, in that every sudo command is logged.  (If you do sudo su
> you lose that.)
>
>> Yes, Debian and its clones have full fledged root account, only with
>> empty
>> password hash (thus making it account for which no password will match).
>> You can enable it by grabbing root shell using sudo, then using command
>> passwd to set password. voila.
>
> I believe that on recent OS Xs this method no longer works (it used to).
>
> As to the original topic (heh), isn't it a bit counterproductive to
> complain about changes in Fedora or RHEL on this list?  Those
> distributions are separate entities with their own decision making
> processes.  If you want to complain about Fedora, go to their list
> (which IIRC the OP pointed people to).  If you want to complain about
> RHEL, buy a RedHat suport contract.  It seems to me that the only
> legitimate complaints one could make about CentOS would be if they went
> out of their way to make CentOS different from RHEL in a very suboptimal
> way.  Do you really have any justification for complaining if CentOS
> enforces the same password requirements on install as RHEL?
>

I second that.

Valeri

> --keith
>
>
> --
> kkeller at wombat.san-francisco.ca.us
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

More information about the CentOS mailing list