I'm a new FreeBSD user.
One of the things that always perplexed me with Linux distributions is the use of sudo. I kept hearing that sudo is better than using root, but it never made sense to me.
People give ALL access to wheel group, then add "myuser" to wheel. Then use myuser to administer the box using sudo. The whole thing feels like security theater to me. You are effectively root in that account. How is this more secure than just logging in as root to administer the box? What benefit of sudo am I missing? Wouldn't it be installed out the box with FreeBSD if it was "the better way?"
I'm planning to use fabric to automate some setup tasks (installing software, configuring the system, etc) and I intend to use the toor account for this. ie. I login as toor using SSH and then Fabric takes over. Is this a reasonable "FreeBSD-approved" (is there a word for this? similar to Pythonic?) way of doing things?
One of the things that always perplexed me with Linux distributions is the use of sudo. I kept hearing that sudo is better than using root, but it never made sense to me.
People give ALL access to wheel group, then add "myuser" to wheel. Then use myuser to administer the box using sudo. The whole thing feels like security theater to me. You are effectively root in that account. How is this more secure than just logging in as root to administer the box? What benefit of sudo am I missing? Wouldn't it be installed out the box with FreeBSD if it was "the better way?"
I'm planning to use fabric to automate some setup tasks (installing software, configuring the system, etc) and I intend to use the toor account for this. ie. I login as toor using SSH and then Fabric takes over. Is this a reasonable "FreeBSD-approved" (is there a word for this? similar to Pythonic?) way of doing things?