Default sudo setup (Was: Re: The Future of Fedora.)
Michael K. Johnson
johnsonm at redhat.com
Wed Dec 10 16:16:00 UTC 2003
On Wed, Dec 10, 2003 at 10:07:43AM -0500, Nathan Fredrickson wrote:
> Apple handles the root issue an interesting way in OSX. The root
> account does not even allow logins by default unless you go to the
> command line and set a password for it. "Admin users" of the system
> instead get added to an admin group that has sudo privileges. By using
> sudo instead of su means that the popup password dialogs expect the
> user's own password instead of the root password.
>
> The overall effect of this setup is that the average user does not even
> know that a root account exists and is simply asked for their password
> when carrying out important tasks. This sort of scheme is familiar to
> many users since it is similar to the way some websites like Ebay or
> Yahoo re-prompt for your password for important operations.
That's definitely a useful idea and worth considering. I have felt
for a long time that we need to streamline the local experience without
destroying security; that's why I wrote pam_console.
I think we'd want to do things differently -- using the wheel group
instead of inventing another group, having a root password by default,
prompting for root password for users not in the wheel group and for
their own password for users in the wheel group, but certainly having
a checkbox for "administrative priviledges" when adding a user graphically
and acting on that is worth discussion.
Other thoughts?
michaelkjohnson
"He that composes himself is wiser than he that composes a book."
Linux Application Development -- Ben Franklin
http://people.redhat.com/johnsonm/lad/
More information about the fedora-devel-list
mailing list