• dev_null
    link
    fedilink
    arrow-up
    2
    ·
    6 months ago

    Yeah, but there is no separation between being able to do day to day administrative actions like installing software, and being able to do destructive actions no one should need to do unless in exceptional circumstances.

    • Norah - She/They@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 months ago

      Right, that was the other point I meant to make. There absolutely is a way to seperate the powers that sudo grants. The sudoers file allows you to limit a user or groups permissions to only certain commands. Distros could and should absolutely take advantage of this.

    • areyouevenreal@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      6 months ago

      Sudo actually has very granular permissions, just almost no one and no distros use them. You might as well replace it with doas for most people.