gpsd-dev

Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration"


From: Michael J. Tubby B.Sc. MIET
Subject: Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration"
Date: Fri, 15 Jan 2021 20:27:34 +0000
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1



On 15/01/2021 19:42, Gary E. Miller wrote:
Yo Joshua!

On Fri, 15 Jan 2021 14:37:25 -0500
Joshua Judson Rosen <rozzin@hackerposse.com> wrote:

And to readers who don't already agree with it, I think this
particular claim just makes the author look silly.... If you
_really_ want it to be in there, you should probably substantiate
so that readers actually take it seriously instead of just
dismissing it as the ramblings of a crank.  
Are you referring to Bernie or myself as silly?  Or both of us?  
I'm not actually calling _you_ or _Bernd_ silly per se; I'm saying
that the _claim_:

	
	sudo is "Security Theater".
	Having sudo enabled on a computer makes it demonstrably less
secure.
If you dispute that you dispute me.  I have suffered with sudo for
decades.

Nothing wrong with sudo ... it's just another form of 'su', when used like this:

    sudo bash

;-)



      
... _presented unsubstantiated_ as it is,
Google is your friend.  Pay particular attention to UNIX rootkits.

_looks_ silly if read by
someone who probably _likes sudo_ because they're not already
familiar with whatever rationale is behind that statement. (maybe it
actually is, maybe it actually isn't--I'm aware of some arguments in
both directions about some specific sudo deployment strategies and
rationales..., but I'm not sure what _your_ rationale is, so I've
withheld judgement in this specific case ;))
I'll not be pulled off topic of ubxtool and its examples.

If you are referring to my comments, I'd be perfectly happy to
substantiate them here.  The ubxtool examples is not the correct
place for such an in depth discussion.  
Discussion buried in the gpsd-dev list archives is not going to
change how someone reading that doc receives it; unless you're
planning to link to it from the doc?
Funny you should mention that.  The reason for that addition is for exactly
the reasons you just stated!  Great minds think alike!

I agree that `in the middle of a ubxtool example' is not really the
correct place to be inserting an essay about sudo...,
I do not agree.  sudo is the #1 problem people have had with the
previous versions of the ubxtool examples doc.  The doc is to help
people use ubxtool, and understanding how sudo breaks ubxtool is
important to the success of that doc.

In general, I find "if a piece of text can be expected to make the
readers go `WTF?', add a hyperlink that can cure them of the WTF" is
a useful guideline.
A good teacher should give his students a WTF moment as often as possible.
Otherwise they learn little.

     ubxtool should check it is running under sudo and fail.

Do I have that correct?  So instead of maybe failing under sudo it
always fails?  
Yeah, basically--but more specifically: fail early, fail loudly,
and fail benignly, i.e. fail out _before_ / _instead of_ doing
whatever damage you're concerned might result from `running normally
but with sudo'.
Get Bernie to agree and I'll do it.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem@rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin

--

Michael J Tubby B.Sc. (Hons) MIET / Technical Director
Email: mike.tubby@thorcom.co.uk
Direct: +44 (0)1905 752892
Mobile: +44 (0)7973 225144

Thorcom Systems Limited
Office: +44 (0)1905 756 700
Unit 4, 96B Blackpole Trading Estate West, Worcester, WR3 8TJ, England, UK
Registered in England & Wales 02704696 / VAT Number GB487925681

This email and any attachments to it may be confidential or legally privileged and are intended solely the individual to whom it is addressed.
If you are not the intended recipient of this email, you must not take any action based upon its contents or disclose its contents to any third-party.
This email footer is intended to identify the sender and does not constitute a signature or agreement to enter into any form of legally binding contract.
While the author has taken reasonable care in the preparation of this email Errors and Omissions Excepted (E&OE).
Any views or opinions expressed are those of the author and do not necessarily represent those of Thorcom Systems Limited.
Please contact the sender if you believe you have received this email in error.
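
The check proposed in the thread above (detect sudo, then fail early, loudly and benignly), sketched as an added example; it is not code from ubxtool or the gpsd project. The names `sudo_refusal`, `main` and the program name `gps-tool` are hypothetical; the `SUDO_*` variables are the ones sudo exports to the commands it runs.

```python
import os
import sys

# Variables sudo(8) exports into the environment of the command it runs.
SUDO_MARKERS = ("SUDO_COMMAND", "SUDO_USER", "SUDO_UID", "SUDO_GID")


def sudo_refusal(environ, euid, prog="gps-tool"):
    """Return an error message if launched via sudo, else None.

    The markers are inherited by child processes, so a tool started from
    a `sudo bash` shell is caught as well.  A direct root login sets none
    of them and is deliberately not flagged.  This is a guard against
    accidental use, not a security boundary: the caller can unset them.
    """
    found = sorted(k for k in SUDO_MARKERS if environ.get(k))
    if not found:
        return None
    invoker = environ.get("SUDO_USER") or "uid " + environ.get("SUDO_UID", "?")
    target = "root" if euid == 0 else "uid %d" % euid
    return ("%s: refusing to run under sudo (invoked by %s, running as %s; "
            "saw %s)" % (prog, invoker, target, ", ".join(found)))


def main(argv=None, environ=None, euid=None):
    """Hypothetical tool entry point; the guard is the first thing it does."""
    environ = os.environ if environ is None else environ
    euid = os.geteuid() if euid is None else euid
    # Fail early: this runs before argument parsing or any device I/O.
    msg = sudo_refusal(environ, euid)
    if msg is not None:
        sys.stderr.write(msg + "\n")  # fail loudly
        return 2                       # fail benignly: nothing was touched
    # ... the tool's normal work would start here (hypothetical) ...
    return 0


if __name__ == "__main__":
    sys.exit(main())
```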

