Linked by Eugenia Loli on Wed 22nd Mar 2006 02:44 UTC
Mac OS X In Mac OS X, the root account is disabled by default. The first user account created is added to the admin group and that user can use the sudo command to execute other commands as root. The conventional wisdom is that sudo is the most secure way to run root commands, but a closer look reveals a picture that is not so clear.
Permalink for comment 106606
To read all comments associated with this story, please click here.
Member since:

With sudo, you type every command that requires root privilege with "sudo command". With a root shell, you only type "command". The problem is "accident". With a root shell, it is possible that you do some wrong thing that is unrecoverable by, e.g., mis-typing. That's a danger of using root account that I think a lot of us experienced before. In my experience, if I explicitly use "sudo command", I am effectively saying that "I know I am doing administrative work, I know I need precautions, I am not typing wrong commands and I know what I am doing". Just in case you know you typed something wrong in the command after pressing enter, you still have a chance because sudo requires a password in order to run, not run immediately like the root shell.

Reply Score: 4