Statler Default Users Setup. (Page 2 of 2)

I keep forgetting Debian likes to be different. gksudo uses the user password on Ubuntu (last I tried it) and Arch lets you change which password it accepts.

sudo is installed but the normal user created is not in the sudoers list (meaning it can't use sudo/gksudo, any command executed with sudo/gksudo by this user will be replied with 'you're not in the sudoers list' message, so to execute any administrative task, they must be executed by the root user, and you can do that with the 'su' or 'gksu' commands and the root password)

The administrator can add the user to the sudoers list with visudo.

BTW, it is a freak out when you set up all your customizations as a user and then switch to root only to find you need to reconfigure everything all over again, so I vote no.

hhh wrote:

BTW, it is a freak out when you set up all your customizations as a user and then switch to root only to find you need to reconfigure everything all over again, so I vote no.

Again, you don't login to X as root. You turn into root user with su or gksu. What do you mean reconfigure everything?

Now that #! will be based on debian, why not do it the debian way, which is the original/normal linux/unix-like way, a 'root' (privileged) user and a separate 'normal' (restricted) user...

You can't login into X as root user (At lest this is the default in all linux distros i have knowledge of).

To install something, what you do (like @titan said) is open a terminal and instead of doing sudo <command>, you type su root, type the root password, which isn't the same of the normal user (what is the key for security here) and you get a root terminal which won't expire like with sudo at a given time.
For root acces to graphical apps just use gksu <graphical-app> and again is the root password what you type. And most times this is already done in menu links to apps like synaptic package manager for example. So it won't really make any discomfort or complication other than having (like logic says) a different password for administrative tasks. And you can still have sudo installed, that's not it, the key here is to have a separate 'root' (administrative privileges) account.
And remember it's not my setup, it's the normal in all linux/unix-like systems. The only system i know that does this 'one user' thing is ubuntu.

I need to learn more about security issues, for me anything past the log-in password is overkill. I never set a different root password, why should I? Can't one logout if they need to leave their computer running and are afraid for it's security? Someone enlighten me.

Whatever Corenomial's final decision I think we all can agree, if #! switches from sudo to root security default, it would be a major change that needs to be thoroughly tested.

A cavalier attitude towards distro-building indeed!

Things that would need to be tested off the top of my head: /root has no user config like wallpaper, GTK theme, openbox config, etc. (since it is not currently intended to be used), any scripts that use "sudo" need to be rewritten and tested, any menu entries using "gksu" might break, GDM  and logout scripts must be tested, documentation & wiki rewritten, etc.

This is not a change you can arbitrarily make just before a stable release; it would require another Alpha release at minimum and change the project timeline.