I’m trying to update my grub boot order back to booting the first option instead of the second, so I run sudo nano /etc/default/grub, but it brings up this, which is not the file I want to edit.

I’m on fedora 38

  • catloaf@lemm.ee
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    1
    ·
    10 months ago

    On shared systems with untrusted users, you’re right. On your own system when you already have full admin rights, sudo nano is fine and doesn’t have any security implications that I’m aware of.

    • Throwaway1234
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      10 months ago

      I agree with the general sentiment. Thank you for mentioning that!

      Though, the use of sudo nano might still pose a risk if any software found on the system is either vulnerable/exploitable, not trusted, or simply exploitative. In that case, like what’s achieved through sandboxing i.e. not allow the software to go beyond their intended scope, it makes sense to put a limit on the capabilities of the software. And to that effect, the use of sudoedit still offers merit over sudo nano.

      Though, if the user doesn’t (already) rely on bubblejail, firejail, Flatpak etc for what they offer in sandboxing. And/or if said user simply doesn’t care for the principle of least privilege, then the use of sudo nano is perfectly valid.