I don’t get what the benefits of windows are supposed to be. I just want to play games and ride on the information superhighway. Why would I even want a… Cortana or paperclip or whatever?
The redpill is that there are none. You know how wndows search is absolute crap, but you can get actually decent search results with Powertoys Run? You know how instead of trolling through control pannel and Settings, you can just directly search for whatever configuration you need with god mode? You know how wndows has a package manager, but it is not even installed by default? Or how it supports hibernation (suspend-to-disk), but hides it from the power menu? Ask yourself, why add all of these useful features, and then hide them far away, while presenting the user with a painfully outdated interface bloated with crap like cpilot or crtana or whatever? The answer is that to remain relevant, Mcrosft needs to keep the computing experience painful for their users. If they make Wndows actually nice to use, people will swiftly realize that using your computer can actually be enjoyable. And that leads to trying out alternatives like BSD and Linux. And trying out alternatives leads to finding out that those alternatives are superior. Think about it. They’ve already lost in the server world. Once the remaining office workers and college students realize that mcrosft has been pissing in their mouths while telling them that it’s raining, the only userbase that will be left are “capital G” gming addicts. And that demographic is also slowly waning thanks to wine and the fact that modern vdeo gmes are slowly becoming utter trash.
No, I don’t know any of that. Some of those words are familiar, tho. Sorry, I ain’t had a Windows partition on my own personal computer since… damn I forgot what the one before 7 was called - Vista! We still had the family gaming PC, and I stayed buying games during steam and gog sales (even tho I mostly played on consoles - Nintendos and PlayStations only, lol) but I guess I haven’t actually been on it since Windows 8 and I hated it so much! But it’s gone now anyway, cannibalized for parts. Only 1 kid left at home, he’s got his own PC, and I don’t even know what version of windows he’s running. It’s hilarious, go back a few decades and I was free windows tech support for everyone, but now I don’t even know how to Windows.
And look, I’m probably just a trash monster. Like, I’m playing Just Cause 4 on my PS4 right now. And I play plenty of other trash (but also some good games) on my Garuda (it’s based on arch, btw - installed by my husband who has only ever installed windows in his life, with very minimal input from me) gaming PC. I also have the steam deck, but once my son donated parts after his latest PC upgrade, the steam deck just mostly gets picked up to do a little update every so often - but I’m about to go on a trip (and the switch has already been claimed)! To be fair to the steam deck, I mostly don’t even power on my gaming PC, as I really love my PS4 (I can’t stand the PS5 and usually only get on it to help my grandson when he’s here) and my rarely-turned-off MX Linux PC (I don’t hate the KDE of Garuda, but there’s a reason I use an XFCE-based distro as my daily driver).
I might be a gaming addict. But Microsoft hasn’t had anything to offer me since like, George W Bush was president. And even then, it was steam then gog who really had stuff to offer me on the PC. And in the console department, they ain’t ever had anything I’ve wanted, maybe my hands are too small or something but I’ve always hated the Xbox controller.
I just want a modern AMD apu laptop with coreboot, slotted ram and multiple nvme slots, but like everything these days it would seem I’m asking for too much.
My modded t440p goes with me everywhere until then. I have that IIRC core2 dell(?) armored laptop running fully blobless too but it’s just a server backing up my 2fa emergency keys and such things. It was a fun little side project building and flashing coreboot but the hardware is a bit dated these days. The t440p is good for anything other than gaming or 4k movies at least.
I bought a lenovo p14s AMD 2 years ago without OS, 32GB RAM and M.2 SSD, very happy with Arch, BTW. Coreboot would be nice, but it doesn’t seem feasible yet…
my current dell one has an amd cpu, slotted ram (no soldered on crap) and nvme + sata (with space for a drive); too bad the build quality and the touchpad sucks
my old lenovo one also had replacable slotted cpus (with Pentium 2020m pre-installed). The lid also just slid off (like on a rail), with only one screw needing removal, no flimsy plastic clips. I broke plastic part of the hinge on that one by just flipping it over, oh well.
Alternatively you could use my favorite approach, Visual Studio Code. Just open the file with it, edit it and upon saving you will be promoted if the file needs admin rights to save.
Yes, but if you want to argue along those lines, you could also have an infected version of vim on your system just waiting to do malicious stuff until you give it sudo access.
No offense, but that sounds like more OCD behavior. 😅 I don’t need or want protection against myself, and I even loath the whole “that’s not how you’re supposed to do it”-mentality of linux (where when commands know very well what you want, instead of doing it, just tell you you forgot something). 😅
It’s not any OCD behavior, but simply the best practices. You’ve probably at least minimally familiar with the principal of least privilege? The idea is to minimize scope of a potential problem , was it malicious attack or user error, by restricting access to minimum required to perform a task. It may feel like fighting pedantically (and I’ve been fighting this more than I’d care to) but it will save your ass one day.
Sure, but sudo is specifically designed with security in mind as a security program, whereas text editors are not (although I am more likely to trust vim than vscode). Running a malicious program as the user and not as root can help mitigate the impact it could do, even though it will still be able to do a lot as a user.
What do you mean get root itself with a modified su? A program that has been run as a user cannot just get root permissions, that’s called a privilege escalation attack and is a serious vulnerability in the kernel which gets fixed quickly when found.
Of course it applies to any software, but some programs are more vulnerable than others. For example, when you want to have cryptography in your program, you use an established library, not write the algorithms yourself, because those libraries were written with security in mind (i.e. have protections against different kinds of attacks, for example, side channel attacks, in addition to being implemented properly). The whole point is to minimize the surface of attack, so that your system is more secure. And one way of doing so is to not give root permissions to programs that don’t need it (such as text editors like nano).
Yeah, well, as you said: it’s probably fixed by now, but I used to have a universal su that would work on any armv7 linux (so basically every phone back then, but also on my armv7 little laptop I had at the time…) with which I was able to easily root any phone by putting it in /data/local and making it bootable, then using full path to move any Android root files in place (though I did also just copy that su itself to /system/bin for root on cheaper phones sometimes, which is just playing with fire as it basically makes any root action unseen and allowed. 😂). That did work for years though, but that’s probably cause Android minimizes the linux and never actually updated the kernel so much, and the laptop’s flashed OS was something altered with also very little updates. And ARM was still quite new to the public too. 🤷♂️
I remember I came across it in the rooting package for my Kindle Fire and only found out it could do that by accident,… 😅 It couldn’t change user, though, it had only 1 use without parameters, which resulted as if you do a ‘sudo su’ if you remove the sudo password-requirement.
Hence why I used the example. I wasn’t being limitative to it, though. There’s so many things that could screw you if it has a vulnerability, if it happens I very much doubt it’ll be through nano, though.
Again, like I replied to the other comment, most of the programs you need root for are designed with security in mind and are inherently more secure and have less vulnerabilities than a non security focused program (that is not to say that it is impossible for a security program to have vulnerabilities -it certainly occurred before and keeps occurring- they just have a lot fewer). But even if you need root permissions for a non security focused program, you still shouldn’t let any program have it, the whole point is to minimize the surface of attack.
sudoedit opens the editor as your user and just writes the file as root. For a single user who is also admin on the system this does not matter in many cases.
In a multi user context you can easily escape your editor and run a shell which allows a non admin user to escalate their privileges. So from a security implementation standpoint this must exist and it does for this reason.
Of course this also prevents some mistakes from happening and a bad plugin cannot destroy your whole system easily and so on. It boils down to good practice.
sudo is not simply a tool to give admin privileges, but a tool to manage elevated permissions or run commands in a different users context.
These things become a lot more relevant once you use the tools professionally. In a well configured system you are only allowed to run the things you are explicitly allowed.
To be completely honest sudo is basically pointless in a single user context. There is almost no reason to even have it installed. It makes dealing with different environments easier though.
Anyway as I said it does not matter in many cases if you are the systems administrator. On the other hand there is also no benefit in getting used to bad practices in case you have to unlearn them later.
One more thing: what you suggest with chroot is one of the very reasons why you should not do that. You might have handed over the keys to break out of chroot. It is a well known vector which boils down to never run anything as root in a chroot environment.
I appreciate all the answers on what started out to mostly be a joke (the first comment, I’m not saying the rest was, I actually do mean my follow-up discussions and am enjoying them more than I should). 😅
Anyway, first I must disagree with sudo being useless in a single-user environment since some services have non-user (nologin) accounts as which you still need to run things sometimes, so sudo is commonly useful in single-user environments (though you could technically go set bash for those, I suppose.)
But yeah, I’m already used to “bad practices” as I have been using linux for 24 years now (when it still was it’s predecessor ‘pico’ 😅) (I said over ‘10’ years in an earlier comment, but I just realized I’m 40 and still calculated from 30. 😂 Wishful thinking. 😅) in what is assumed a bad practice, not only without any problems, but even because it never gave me problems.
Might be an age thing too, but I hold on to ease of use over best-practice, especially if it hasn’t failed me in two decades and a half. I think it would take an actual attack on me abusing this behavior for me to stop doing it by now… And even then, I installed linux so many times in my life, even that seems more musclememory and not such a hassle anymore… 😅 At least I could make use of my backup system for once then… 😅
Doing sudo nano will not load your user configuration, sudoedit will. I had plenty of problems with this, but I assume you don’t have any custom configuration.
linuxmemes
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.