From owner-freebsd-questions@FreeBSD.ORG Thu Apr 5 19:17:00 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DC89716A401 for ; Thu, 5 Apr 2007 19:17:00 +0000 (UTC) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: from gizmo.acns.msu.edu (gizmo.acns.msu.edu [35.8.1.43]) by mx1.freebsd.org (Postfix) with ESMTP id A559613C43E for ; Thu, 5 Apr 2007 19:17:00 +0000 (UTC) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: from gizmo.acns.msu.edu (localhost [127.0.0.1]) by gizmo.acns.msu.edu (8.13.6/8.13.6) with ESMTP id l35JFQQn094770; Thu, 5 Apr 2007 15:15:26 -0400 (EDT) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: (from jerrymc@localhost) by gizmo.acns.msu.edu (8.13.6/8.13.6/Submit) id l35JFQsQ094769; Thu, 5 Apr 2007 15:15:26 -0400 (EDT) (envelope-from jerrymc) Date: Thu, 5 Apr 2007 15:15:26 -0400 From: Jerry McAllister To: "Jeremy C. Reed" Message-ID: <20070405191526.GA94631@gizmo.acns.msu.edu> References: <7d4f41f50704050142v9c73a17tb1812f218ea4416@mail.gmail.com> <4615030B.5040809@daleco.biz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.2i Cc: Victor Engmark , freebsd-questions@freebsd.org Subject: Re: Should sudo be used? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2007 19:17:00 -0000 On Thu, Apr 05, 2007 at 11:28:34AM -0500, Jeremy C. Reed wrote: > On Thu, 5 Apr 2007, Kevin Kinsey wrote: > > > I thought I might also mention a potential "sudo"-shortcoming. :-D > > > > See: > > http://bsdwiki.reedmedia.net/wiki/Recognize_basic_recommended_access_methods.html > > > > Where I wrote about a "quoting problem" that occasionally confuses > > newbs like me. Finally got around to reading the wiki page. It is good. I noticed one grammatical thing of question. In the first paragraph under "Use ssh instead of Telnet or rsh/rlogin" it says "they should never be used to administrate a machine over a network," I think the word should be 'administer' instead of 'administrate' unless this is some sort of British thing. I know, picky picky, but it just stood out to me as I was reading. Also, although telnet is a hole nowdays for logging in to a system with an id and password for the very reasons you have given, it still has a use. You can use it to easily poke at a port and check the response to see if something is up and working. Of course, in that case you would probably not be sending an id and password, just some common handshaking strings that don't reveal any secrets to anyone. This is really a different issue from what was the OP or the intent of the wiki article, of course. ////jerry > > Hi Kevin, > > I wasn't following this thread, but I read some of it now. > > I had a quick look at your text ... I think it would be easier to just > use: > > echo 'natd_enable="YES"' | sudo tee -a /etc/rc.conf > > > Also, I don't speak for the BSD certification project, although I have > > helped flesh out content on the wiki above. It appears that I changed > > the wording from "using the possibly 3rd-party sudo" to "possibly using > > the 3rd-party sudo" thinking that the objective's wording was in error, > > when actually those statements imply different meaning. I'm copying > > Jeremy Reed on this, who is closer to the Cert project and probably > > *can* speak for them. I'd imagine I need to find some way to fix that, > > because it sure seems to read as if *they* recommend using sudo.... ;-) > > The objective covers sudo no matter what. Our job task survey indicated > that sudo is very important and essential for junior admins and > intermediate/advanced admins. > > The "possibly" emphasis should be on "third-party". So the "Concept" on > the wiki page is wrong, but the "More information" at the bottom is > correct. > > Thanks for sending the email. > > Jeremy C. Reed > > p.s. And thank you Kevin for your work there. I have a lot of work to do > and as you know the deadlines have past. If anyone else is interested in > helping get this finished, please email me. No matter what I will publish > the book (and then publish a new book when updated maybe 6 months or a > year later). > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"