He who has root…

It is a substantial flaw in Microsoft Windows’ security scheme that administrator access is required for just about everything. Drivers go in at the kernel level and pretty much all software requires admin access, not just to install, but to run. Since our new ERP package is web based, we tried to have users in training labs not be administrator, but then they couldn’t connect to a printer or do other things they needed to. Our new residence management package requires admin access, even though it’s web based as well, because the activeX control requires administrator access to install. Even the most simple of tasks on Windows will require admin access, to the extent where the machine just isn’t safe.

Vista implemented UAC, which at least puts a sudo-like prompt in (though you don’t necessarily need to be in a certain group or have a password to use it) which has you click a button to do something as an administrator. The idea is that this warns the user that something important is going on. Unfortunately, over time people become desensitized to this sort of thing and just start clicking through. It doesn’t solve the problem of programs written that require root access to even run.

And generally, Linux does this pretty well. Programs require root to install, but most don’t require that level of access to run unless they really need it. And when they do require root, I can usually use sudo (because I’ve placed my username in the wheel group, so even that is limited), which means I don’t have to actually type the root password in.

But then something stupid comes up, like daylight savings time where I need to change my clock, and openSUSE has to freaking run YaST (requiring the root password, not just sudo) in order to change the time. Why? Why is that necessary? And my tablet is slow enough that YaST just kills it, so it takes so long to change my clock that it ends up being a minute or so behind at the end (because the process takes that long to run).

I like sudo + wheel group, and I hate having to do stuff as root/admin. I particularly hate having to use root/admin for simple, non-system-impacting processes. I have no conclusion or solution to this situation, I just needed to rant.

P.S. Linux Mint, which I use at home, updated my time automagically. Silly openSUSE.