Marshalrusty wrote:While the article's content is valid (for maximum safety, using sudo is better than logging in as root), it is not at all the same thing being brought up here.
The similarities between both are quite obvious (and also, you shouldn't be presenting your opinion as die-hard fact).
Quoting just that one line of what I said makes it seem like I didn't back up my opinion
. The least you could do is at least read my post and understand what I said before pretending like it's so much beneath you. I'm also not sure where I made it sound like anything I said was "die-hard fact" anymore than you did. Nowhere did I deny there being any "similarities"; there are similarities between phpBB and SMF, but that doesn't mean every concept applied to one can be applied to the other.
In this case, you're comparing permissions on an OS with permission on a bulletin board program. The original poster specifically stated that the purpose for multiple passwords was protection from one being stolen, which is not
the purpose of sudo. You then attempted to apply the actual purpose of sudo to phpBB, which also doesn't really work because phpBB is a bulletin board system. It could
be made to work, but there's no problem with running operations as an administrator in phpBB. That is, unless you've found CSRF vulnerabilities somewhere (in which case the problem is the vulnerability).
nn- and I explained that since we are supposing the first password was stolen, the second password would be stolen in the same way.