Wow, you completely do not understand the purpose of sudo or how it works. If you don't want a user to be able to use sudo, don't place the user in the sudoers list. Anyone in that list is by definition a privileged user (a sudoer), so sudo does in fact require a privileged username and password.

Sounds like a perfect recipe for becoming a single-user operating system.

Some people need to lighten up and/or get up to date with slang terms. "Kill yourself now" does not mean you expect someone to actually kill themselves, just like "that's cool" does not mean "that's cold to the touch".

/sigh

This world will PC itself to death some day.

It's been a while since I did a clean install of either, but I believe the default configuration of both Ubuntu and Fedora is for users to "sudo anything", using their own password for authentication. Easily changed, but it *is* the default.

I've never looked into it as i don't manage Linux professionally but shouldn't there be a way of assigning users the ability to do these things?

This is something Ubuntu does via its sudo system and it's 100% wrong - -asks that can significantly change your system installation should require a privileged username/password and not a normal user's!

it only accepts your own (unprivileged - or at least it should be) password!

The very first thing I do on such a broken Ubuntu system is "sudo passwd root", so that I can su to root and do my privileged stuff that way

Genius that, because Ubuntu sets a random root password and never tells you it, ho hum.

Sorry but English is not my native or first language, it might not be obvious for me at first.

The recommendations of suicide from Linus were clearly misdirected.

I know most people thinks its a hassle to type in the root password, but seriously, how many times do you configure printers?

I talk with on a daily basis will think that expression is advocating suicide.

need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings

there should be 2 levels:
- root: master of the universe
- admin: capable of common tasks that affect all users on a box and yet is not capable to make liefe impossible (if you get my drift)

What about all the people who use OpenSuse on their servers?

What If I have a team of web developers and admins spread across the world and every morning they change the system time because they think it's not right in their country?

What if I don't want developers at the other side of the world to print crap on my printer?

I have absolutely none of those problems. I just run as root all the time. Heck, root IS my user account.

Stop being a sissy. Every time you sudo a command, you deserve to have your man card taken away

This application is trusted todo the following.

This is creating true secuirty by obscurity.

How is this better than "this user is allowed to do A and B but not C"?

But aren't you afraid you'll accidentally type in some command that would crash the system?"

"No more that I'm afraid I'll accidentally say something like You're a complete fraud!"

"That's completely different."

"Yes, it's a lot easier to say something without thinking than to type it."

That's what groups are for. Restrict common admin tasks to members of admin groups. ....

However, for servers, you should never use sudo.

Most servers have servers such as openssh and mail running.

Hopefully this extra time will make it possible for someone to notice the attack.

Full sudo rights on a server == full root for everyone on the internet courtesy of botnets.

but now when I compile a program or browse Internet.

But is this actually how policykit is set up on any current distro? I'm pretty sure any application run in the user account has full access to all user data.

As you said, the system can be re-installed in an hour so a system compromise or failure is not as serious as that of user data loss.

another distro for a macbook air ? WHY... the thing is designed for Mac OS... either you buy into that deal or you don't. I don't try to feed my cat dogfood either after all.

[As Stallman said: "I am not the one who calls GNU for Stallmanix"

Adding a printer

Attaching to a new wireless network

Changing system time

Adding a printer
Might require access to another driver besides the default one. Which if not installed, will need to be installed thus opening a security exploit, depending on the source of the driver binary.

Attaching to a new wireless network
It exposes the computer to a another network. Depending on the wireless security settings, another exploit vector might now be open to the world.

Changing system time
Many OS services/daemons depend on the current time and take decisions based on time. Every time you change system time, it might have unexpected consequences on system behavior.

Should we all stop using those because the highly unlikely chance that it might encourage some moron to follow them literally?

I've seen people enable sshd on root accounts without using a key

Like any tool, sudo can be used correctly but unfortunately people don't use it this way. Just because you setup your server competently doesn't mean it's common.

No LDAP. I'm thinking web hosting, virtual private servers and small shops

I used to work for hosting companies.