• dev_null@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    6 个月前

    Yeah, I feel like Linux needs the equivalent of Administrator accounts on Windows. Root is the equivalent of the System account on Windows, something even power users might never encounter, because it’s a level of power you shouldn’t ever need.

    We need users to have permission to install software and do other administrative tasks, without having permission to do very destructive actions like uninstalling core system packages. Aunt Flo should be able to install Mahjong from her distros package manager GUI, without needing dangerous root access.

    • Norah - She/They@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 个月前

      Well, no, not exactly. Most accounts on desktop linux distros are admin accounts. The way I would define that is whether or not the user has sudo permissions, either by being in the sudo group or sudoers file. Some distros do ask if you want the user to be admin. And that’s pretty analagous to being admin on windows and getting a UAC prompt for an elevated process.

      • dev_null@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        6 个月前

        Yeah, but there is no separation between being able to do day to day administrative actions like installing software, and being able to do destructive actions no one should need to do unless in exceptional circumstances.

        • Norah - She/They@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          3
          ·
          6 个月前

          Right, that was the other point I meant to make. There absolutely is a way to seperate the powers that sudo grants. The sudoers file allows you to limit a user or groups permissions to only certain commands. Distros could and should absolutely take advantage of this.

        • areyouevenreal@lemm.ee
          link
          fedilink
          arrow-up
          2
          ·
          6 个月前

          Sudo actually has very granular permissions, just almost no one and no distros use them. You might as well replace it with doas for most people.