When you first sudo, it says:
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
Have you ever gotten the usual lecture from the local System Administrator? Did they put the fear of God in you? Or alternately, did they skip the lecture and leave you underprepared for great power and great responsibility alike?
Incidentally, items #1 and #2 seem to have been present since at least millert’s earliest available commit in 1993 and #3 was apparently upstreamed from Red Hat in 2004.
I’m the local sysadmin for my family, and as my children become old enough to get an account, they most assuredly do receive “the usual lecture” on this topic :)
I have been the person who gives the lecture, usually to developers.
When you onboard as a sysadmin- at least back in the day, you would get the lecture from the senior who was onboarding you.
It boils down to the following:
sudo su -orsudo -swallcommand to give people who are actively using the machine a headsup; you can see if people are on the machine withw.I am the local System Administrator in my organization, and yes, I do indeed give the usual lecture, it boils down to “You don’t have root access, you don’t have sudo access, as a matter of fact, we don’t even have sudo installed, if you need something, just open a ticket.”
Our users are happy :D
Personally, I never got an actual lecture, but I think I got the ethos behind that warning from reading Clifford Stoll’s “The Cuckoo’s Egg.”
This retrocomputing sx post points out that the 1989 Nemeth et. al “Unix system administration handbook” source listing for sudo is introduced with a suggested warning letter beginning: “You may have already been given a lecture at some point as to the moral and social etiquette that you should observe as a superuser.”
I have lectured myself many times, yes. And yet somehow, I never learn.
This program posts news to thousands of machines throughout the entire civilized world. Your message will cost the net hundreds if not thousands of dollars to send everywhere. Please be sure you know what you are doing.
ahhhh, I guess I’m too old and that one has disappeared into the collective memory hole.
I received the lecture once, in 1994. It was a few minutes of discussion about the nature of trust, ethics, and the responsibility of running services that other people were depending on.
I have given a similar talk to junior folks, and had conversations with new-but-senior folks that were effectively: I’m trusting you. You will eventually screw up, but hopefully not too badly. I won’t fire you for screwing up, but I will if you don’t learn from your mistakes or you act unethically.
My local sys admin Bob didn’t care, and neither did we.
Yeah, I got a lecture-after-the-fact and then the sysadmin closed my account. :-)
Surely there’s more to the story!
There are probably several stories, but one time my password wasn’t good enough. The sysadmin had John the Ripper running all the time to find weak passwords. I was young and didn’t care about that particular living room server project… :-)
Actually yes, kinda. It wasn’t needed as it wasn’t my first gig, but our senior admin actually gave me a little privacy (and other topics) talk in 2006 or 2008 when I started taking over some admin duties at that company.
I have not. At work, I think I only have sudo access on machines that aren’t important, like virtual machines that can be easily re-imaged. At home, I should probably think before I type, I guess, but I just deal with things if I break them. :)
Turning a blind eye is one of your professional responsibilities if you are handling other people’s data. Don’t be an asshole.