Linked by Thom Holwerda on Mon 20th Aug 2007 21:09 UTC
Linspire "Freespire, the free as in beer version of the Linspire Linux distribution, this month released Freespire 2.0, the first version of the operating system based on the popular Ubuntu distribution, and the first to contain proprietary codecs and drivers. Despite its attractive appearance, it left me with mixed feelings."
Thread beginning with comment 264683
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Sounds okay, but needs polish
by lemur2 on Mon 20th Aug 2007 23:48 UTC in reply to "Sounds okay, but needs polish"
lemur2
Member since:
2007-02-17

I couldn't tell Freespire is built upon Ubuntu until I used the command line or the native package management system. Under Ubuntu, many commands required the use of sudo to gain superuser privilege. I find it easier to use su to become root once than to use sudo for every command, so the first thing I do in a Ubuntu-based distro is set a root password.

This sounds convenient but dangerous. Is there a good reason to get around security, really?


The best method I find for Ubuntu is to use the command 'sudo bash' instead of 'su'.

Using 'sudo bash' is more-or-less equivalent to 'su' except that the former does not require a superuser password and the latter does.

Reply Parent Score: 4

MamiyaOtaru Member since:
2005-11-11

'sudo -i' is my preferred way. Same reason really, no root password. Of course, the user who can sudo must now be treated with a little care, so my routine involves su adminuser, adminuser password, sudo -i, adminuser password. the fun that is is immeasurable

Reply Parent Score: 4

BluenoseJake Member since:
2005-08-11

"Using 'sudo bash' is more-or-less equivalent to 'su' except that the former does not require a superuser password and the latter does."

uh, su requires the root password, at least it has on every Linux/BSD I've ever used.

Reply Parent Score: 2

BluenoseJake Member since:
2005-08-11

oops, sorry, reread the question. my bad

Reply Parent Score: 2

libray Member since:
2005-08-27

Using sudo has its own consequences. If I can attack your system and gain your password, and you allow your user to do things as root via sudo with password, then I have root via sudo, without the real root password.

Worse is if your system has something like

reguser ALL=NOPASSWD:ALL

Then I would need no passwords, only to exploit a normal user account through a hole.

There is nothing wrong with requiring root to have a password and locking root to local logins. It is, in fact, better than the misuse of sudo as it has been used by default. Remember, your sudo based security setups only require one password to be stolen.

Reply Parent Score: 3