After writing documentation for many years, once in a while I come across a post on the Internet that makes me wonder why I bother. So I thought we could turn it into a game.
Basically it’s like spot the difference, see how many things you can spot that are wrong with it and post them here.
Here is the post in question and it is a cracker. I can think of several things that are wrong with it but see what you can come up with. Here’s a starting hint – man visudo.
1) ubuntu asks you for YOUR password, NOT the administrators
2) doing everything trough su instead of using sudo (figures the sudo tut would not use sudo)
3) changing /etc/sudoers permissions
4) not using visudo
5) removing password requirement for ALL admins (sadly the point of the article)
6) not chaning /etc/sudoers permissions back (OMFG)
7) failure to mention sudo’s ability to only ask you for the password once per session/timeslot
Wow, not one step was correct. Hope your post doesn’t bring that article higher in google’s results
I shouldn’t think it will, it was already embedded in Stumbleupon which is how I came across it. That and not many read my blog
So, they should have used visudo to make passwordless sudo, but more importantly, why would anyone want to do this? Has to be the stupidest idea since the first person to put his head in a lion’s mouth. If this was set on a laptop, anyone with minimal knowledge could mess the system up.
Run su, eh?
What, exactly, do you type in as a password when prompted? Ubuntu has no root password.
sudo -i is the way to a root shell in Ubuntu.
And that’s just for starters. I won’t get into editing /etc/sudoers with gEdit (eeek!), nor the fact that no explanation as to how to open gEdit with super-user privileges is given.
But I do enjoy the phrase, “It will literally save you time and increase productivity.” Damn! I wanted something that only figuratively saved me time!
Instead of helping users avoid using the terminal, it includes a futile and horribly insecure attempt to make it user-friendly.
Yeah, I actually wondered if it was something more sinister – like an attempt at social engineering.
1. Always use visudo to edit the sudoers file.
2. Perms on the sudoers file should be 440.
3. I don’t even know if the added line will work. It’s a bit funny when the sudoers file gives a perfectly good example, just a couple lines up. Oops!
After reading the post, I now know the meaning of annoying.
Well, he is now mentioning that visudo should be used (but is still recommending this horrible practice). Interresting that he hasn’t replaced the gedit screenshot…