PAM Recipe to Authenticate on Either the User's Password or Root's Password
Schlaegel
777tahder at schlaegel.com
Mon May 15 15:31:54 UTC 2006
On 5/13/06, Les Mikesell <lesmikesell at gmail.com> wrote:
> > > It's more program philosophy than a social issue. When you
> > > disagree with the author about what the program is supposed
> > > to do, the source code is the place to start.
> >
> > I don't get your meaning. I want to use `sudo` for the purpose it was
> > written, to execute a command as another user.
>
> That's really the purpose of 'su'. Sudo exists for the case where
> you don't know the other user's password. None of the limitations
> that sudo provides mean much if the user executing it has the
> option of using su directly or simply logging in as the other
> user.
This is the kind of debate I was hoping to avoid, as I think it scares
away possible solutions.
The way I see it, there are two camps with views on `su` and `sudo`.
One camp thinks `su` should be used for system administration and that
`sudo` should be used by less trusted users or avoided altogether. The
other camp thinks `su` should be avoided by everyone and that even
administrators who know the root password should opt to use `sudo`.
I don't want to argue over who is right, though if you want to debate
`su` verses `sudo` you can start another thread. My desire is merely
for a technical answer.
More information about the fedora-list
mailing list