Todd C. Miller has been maintaining the #sudo codebase for over 30 years.

@martinosacchi @pafurijaz “sudo” is short for “superuser do”. It is a widely used system administration tool that lets you run commands with “superuser” privileges, so you can change and access pretty much any part of a system. For security, your account needs to be on a list and you need to enter a password to use it. If left unmaintained, bugs won’t be fixed or necessary changes made. This could result in security holes allowing systems to be compromised.

@egoldblatt @crocodisle @rastilin @pafurijaz
Whether or not a software is free (as in freedom) depends on the license. It has nothing to do with money. (And selling is even allowed under Free Software licenses.) Just because English has a hard time with words it doesn't mean that the meaning of "Free Software" changes.

@egoldblatt @rastilin @pafurijaz
Users and corporations are already paying for free software. It's just that the stack is just too large and they tend to only pay for end-products. (And not enough for those so that the depending projects get their fair share) Basically another case of "trickle down economy" not working and why we need more government based support for free software projects.

@lautreg @spacehobo @pafurijaz
A desktop environment depends on sudo? So it doesn't work for regular/unprivileged users?

@spacehobo @lautreg @pafurijaz
That is an idiotic assumption on a networked multi user system.

User needs an admin? Call tech support, admin handles it remotely via ssh.

If the desktop assumes sudo, that might just end up with the user getting to talk to HR and IT security.

@leeloo @spacehobo @pafurijaz
If the user isn't in sudo group, no problems.

@lautreg @spacehobo @pafurijaz
How can you depend on sudo, but then not have problems when the user doesn't have permission to run sudo?

@leeloo @spacehobo @pafurijaz
I prefer use doas.
But, if there is KDE, I must keep sudo, but I don't use it.
It's my personal computer.
Servers don't have desktop environments.

In fact, I need the admin display challenge (that use sudo) when I change the theme for sddm, or lightm.

For people whis computer managed by me, they use doas because I teach them, if I think I can allow them to make some admin task.

@lautreg @spacehobo @pafurijaz theres also 'run0' in SystemD

@leeloo @lautreg @spacehobo @pafurijaz True they should not depend on sudo, they should depend on 'whatever' defined by some config that could be sudo like $EDITOR. sudo is not 'critical infrastructure', just a means to elevate privilege. You can do this without sudo, its a convenience util and maybe not even the right way to do things. I don't really know what to say to "having to call helpdesk when you need a patch". Aaanyway I hope someone supports, perhaps someone that needs sudo.

@pafurijaz IBM alone should be sending him a million bux a year. #RedHat

@pafurijaz we need a better way to charge corporations with buckets of cash, as opposed to folks on a shoestring.

Or just outlaw billionaires

@lautreg @spacehobo @pafurijaz
How did servers become part of this discussion?

@leeloo @spacehobo @lautreg @pafurijaz

``That is an idiotic assumption on a networked multi user system.''

Arguably running a desktop on a networked multi-user system is the idiotic decision. Or not using an immutable OS like #guix, which allows users to safely install their own package requirements, is the idiotic part?

Either way, the problem is architectural (and deep!), not with the desktop per se.

@khleedril @spacehobo @lautreg @pafurijaz
"Or not using an immutable OS like #guix, which allows users to safely install their own package requirements, is the idiotic part?"

How would corporate IT prevent people from installing non-approved software in that case?

@leeloo @spacehobo @lautreg @pafurijaz

That can be done. In the case of #guix, the guix application itself could be restricted to the admin user, or users in the sudo group.

@pafurijaz The discussion of monetary support is missing the point.
If he's been supporting it for 30+ years, he is probably 50+ and due to retire sometime soon.
So what happens if he falls ill, or (hopefully not) dies?

@egoldblatt @rastilin @pafurijaz

IANAL, but I suspect in a lot of jurisdictions, if you charge for the software, you can't "disclaim the implied warranties of merchantability and fitness for a particular purpose", as GPL has it.