Hacker News new | past | comments | ask | show | jobs | submit login

Probably because a lot of damage can be done with sudo.



More than with Touch ID/Face ID that are used in a shit ton of places?


Yeah, one of the things I did once was use sudo emacs to edit the sudoers file (I didn’t know better) and in the process locked myself out of sudo.¹ With sudo you can muck up a lot of permissions/security that shouldn’t get mucked and backing out of that can be challenging.

1. I was able to fix it using Repair Permissions in DiskUtil. If I were running Linux I don’t know that I could have fixed it at all, although maybe Linux is more forgiving of this sort of sin?


This is why you have visudo which checks your changes before saving.

Ps just mentioning it in case you didn't know about it. I know there's still ways to lock yourself out that visudo doesn't catch.


The command back when I did this was sudoedit but I didn't know better, although I don't think it did any checking of the file for validity, just made sure that the correct permissions were in place when I was done. Now, the default sudoers file on MacOS has a comment saying to edit with visudo. But there are enough footguns possible with sudo that any friction to using it is a good thing.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: