The principle of least privilege is an important paradigm of computer security and it demands that the least amount of code as possible is run as root so as to minimise the inherent risk.
Accordingly, the best method is to use the sudoedit command, for example:
Code: Select all
sudoedit /etc/hostname
Once the file is modified and saved then it is copied back to the original location so only the copy command is run as root.
However, some users are not comfortable with command line text editors such as nano (although it is fairly easy to use) and would much prefer to employ a graphical text editor instead.
Although lots of guides will suggest using the gksu command to open a graphical text editor as root it should be noted that this program ceased development back in 2014 and has been abandoned upstream and dropped by Debian for the upcoming buster release:
https://bugs.debian.org/cgi-bin/bugrepo ... bug=892768
The reason why gksu is considered insecure is because text editors under its aegis will run their entire codebase with elevated privileges, in direct contravention of the principle of least privilege.
An alternative to gksu is available though
First install the gedit text editor:
Code: Select all
sudo apt install gedit
Code: Select all
admin:///etc/hostname