modestas at vainius.eu
Thu Apr 30 09:43:28 BST 2009
On 2009 m. April 30 d., Thursday 10:52:00 John Tapsell wrote:
> Can you give a "user story" for this? A typical use case?
I think you are exaggerating importance of root on a typical desktop machine.
A typical user is not going to use root frequently so probability to infect
the system and infect it within 15 minutes since the last sudo run is very
small. I'm willing to take this risk rather than be annoyed by password prompt
when I need to execute several root commands in a row (or rerun the last
command). On the other hand, extra security as default nevers hurts.
As far as servers go, I think sudo -k could be a good default.
> I would be kinda against such a configuration option, because of the
> inherent security weakening, although I guess its your choice to shoot
> yourself in the foot :-)
That's GNOME kind of thinking. You can make default as safe as you want, but
please do not force the setting on other people who happen to have different
opinion/needs from you.
Modestas Vainius <modestas at vainius.eu>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 197 bytes
Desc: This is a digitally signed message part.
More information about the kde-core-devel