lol iceman re the man pages.
I have read up on sudo and how you can use it to finegrain access
even down to different arguments for commands e.g. 'make' versus 'make install'
the latter requiring uid 0 when really installing in the main system instead of installing
locally to one's own area.
I have also read that allowing ALL privileges in any sudo account means that you then need to protect that account the same way you would protect the root account i.e. not use that account when on the Internet etc.
sudo is my favourite means of doing anything uid 0 oriented but setting up that fine grain access can be a bit of a pain in the neck for a home system where the user might well be the sys admin and the web developer and the tea maker and the developer and the cleaner.
There are a few tasks that need root access on a home system.
This might sound like a flippant question but it's not meant to be. Having uid 0 means that you can do an awful lot of things that you can't do as a normal user. But if you are tucked up behind some iptables, chkrootkit regularly and any connection that you didn't initiate is dropped at iptables then what's the beef with how you get to uid 0 status?
(Not that I do anything logged in as root while on the Internet... nor anything much as root anyway ... I've an account set up to do a lot of admin tasks and as I have control over my system I can visudo as and when I need it.).
