DistroWatch Published a First Impression of Project Trident


#1

You can read the first impression here: https://distrowatch.com/weekly.php?issue=20190211#trident


#2

Thanks. Interesting read. Fairly balanced I thought, except for the comments about the installer. But heck, I’m the guy that is fine with a text/curses based installer, graphical not needed.


#3

Good to see Trident getting traction on Distrowatch seeing as TrueOS topped at #9 before the shuffle… I felt the same as @mer about the review, but hadn’t considered the stated security concerns in my use case… I would think that non-wheel users should be more limited than they apparently are… Guess I’ll should do some digging on user/group control before expanding to a multiuser environment [which I have no need for, but I just like digging :wink: ]


#4

@EMCp the security “hole” isn’t really a hole or as bad as the review makes out. Sysadm-client runs as the user, the backend it talks to is what has elevated privs. Simple way to close the hole is simple stop the back end (rc-update delete sysadm). Of course that means you have to do all the functionality by hand (my preference anyway).
One could also disable the autostart of sysadm client for all users too.

Longer term sysadm-client should probably get hooked into sudo (like similar things on Ubuntu), then someone with root makes the decision to add a user to wheel or sudo’ers.


#5

I actually liked the installer. I thought it was really nice to see the hardware and let you pick stuff. Most Linux installers try and hide everything from the user I guess they think that keeps it so that anyone can install their OS but IMHO non-computer people probably shouldn’t be installing operating systems and should let knowledgable people do that for them.