rick, you mentioned that "sudo" gives you root power for that one command and only that one command.

Did I get that right, or did I misquote / misunderstand you?

In any case, whether "sudo" grants root power for one command or many commands, I have this question:

How safe is "sudo?"

Think about it like this:

With "sudo" all you need to type to gain God status are 4 letters that everyone knows: sudo.

On the other hand, if you have a root password that only you know, then only you can have God status. A root password provides a security hurdle that only the administrator can over-ride.

From this p.o.v. it seems that "sudo" is a disaster waiting to happen.

Even if "sudo" gives you root power for only one command, that still is root power in the hands of any user, not just the administrator.

What is to stop a troublesome average user from dropping one well placed "sudo" command to screw the entire system?

I'm not trying to flame "sudo" but I am just shocked to learn this and trying to describe the issue to the best of my understanding.

Please clarify and help me out.

No, I believe sudo only works for the user that installed the system.

Every other user does not have default access to sudo.

It's the exact same setup as on Apple computers. In fact, it was copied from them.

Irregardless, as I said before, a root user can easily be setup on any Ubuntu system if the user wants to do that.

Sudo works for anyone in the "sudo" group. I believe Ubuntu defaults the 1st user created into that group, but if you add additional users, you have to add them on purpose.

Ubuntu isn't unique in sudo availability. You can set it up on any distro. Ubuntu is just the only distro that is designed to encourage its use.

EditActually, simply being in the "sudo" group isn't the key. I put myself in the sudo group and tried to execute a privledged command. Error: You are not on the sudoers list. This incident will be reported.

I did a cat on /etc/sudoers, and it said I had to use a special program as root to edit the list. Didn't feel like reading the man page to see just how to go about that. It's pretty secure.

I've been thinking about setting it up on my system. One of these days pretty soon I will.

Sepero. . .do you use sudo on MEPIS 6? Or do you use the traditional su method?

I have been thinking about upgrading to MEPIS 6, but I heard it uses Ubuntu reps, which has scared me off, since I don't understand Ubuntu.

Regardless, how do you like MEPIS 6?

rickh. . .if I understand correctly, you are saying that you must become root before you can add / delete users to / from the "sudo group?" Correct?

I use the "su" method. I've been using Mepis 6.0 for about a month now and I like it better than the 3.4.x versions. Although, often times I think it could be much better. I should soon be testing out Freespire and the new PCLinuxOS, to see how they compare.

my first post. Hi all

If you do "sudo su" in ubuntu you get a root shell which does not require you to type sudo again. Also there is a root shell shortcut in the menu.

The only thing i did not find yet is a graphical access to root. But you can start all only root apps by giving the first user password. I guss one cccan say there is realy no difference in functionality but added security. If one uses sudo the chances of leaving a vulnerable system open if not eliminated minimized.

It's as safe as su.

Your post is wrong, so let me just explain.

(a) read the documentation first!

(b) you can set the sudo priviledges with the command visudo. And yes you have to be root to do this.

(c) the smartest way is way to do this is already in the file, just uncomment out. Users in the wheel group should be allowed to be sudoers and no one else. Why?

The wheel group is the group of users allowed to login as root. Now you're simply extending to them the ability to do a root like command without logging in. It's a shortcut for a permission they already have.

In the wrong hands both su and sudo can be dangerous. The person that doesn't set a root password, and gives all users access to sudo without a password for instance is asking for trouble. But is sudo more dangerous than su? I don't think so.

I can understand thinking this way-- if you've only used sudo in the context of ubuntu you don't realize what it really is, and even worse think it's only for ubuntu! lol

I actually love sudo and install it in any distro that I use.