Modestas Vainius modestas at vainius.eu
Thu Apr 30 09:43:28 BST 2009


On 2009 m. April 30 d., Thursday 10:52:00 John Tapsell wrote:
> Can you give a "user story"  for this?  A typical use case?
I think you are exaggerating importance of root on a typical desktop machine. 
A typical user is not going to use root frequently so probability to infect 
the system and infect it within 15 minutes since the last sudo run is very 
small. I'm willing to take this risk rather than be annoyed by password prompt 
when I need to execute several root commands in a row (or rerun the last 
command). On the other hand, extra security as default nevers hurts.

As far as servers go, I think sudo -k could be a good default.

> I would be kinda against such a configuration option, because of the
> inherent security weakening, although I guess its your choice to shoot
> yourself in the foot :-)
That's GNOME kind of thinking. You can make default as safe as you want, but 
please do not force the setting on other people who happen to have different 
opinion/needs from you.

Modestas Vainius <modestas at vainius.eu>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090430/fe5c54dd/attachment.sig>

More information about the kde-core-devel mailing list