Re: sudo versus #



Hi, Kayven!

On 10/02/2010 21:00, KAYVEN RIESE wrote:
> It's my understanding that the sudo command basically executes the
> subsequent command as superuser. I fail to see the difference between
> having a # prompt logged into superuser and sudo, other than ensuring that
> you don't make mistakes, unless having the terminal open can allow
> attackers to infiltrate the system? I have been using command line unix
> for a long time. I don't make mistakes. What are the real implications of
> sudo?
>
> Also, I notice that when Ubuntu gives me those update dialog boxes my root
> password doesn't work to allow the installation to go forward. This makes
> me irritated, because it instead wants my normal user password, which for
> me by design is a weaker password that I use for more things and thus
> could be more easily cracked. My root password is longer and I use it for
> less things. Both are immune to dictionary attack, but it bothers me the
> way this subverts my configuration.


The key issue here is traceability and audit.

If you log in to root, or su to root, once you are root, every command
you type is traced to root. If multiple users su to root at the same
time, nobody really knows which user typed what in particular, and then
as root (whether su or login) you can do ANYTHING without anybody being
able to know who did it.

With sudo, you can trace each command to the individual user who did it.

If user A types "sudo rm -rf /home/userB"... then the system
administrator can trace that command to user A and take appropriate
disciplinary actions.

If user A logs in as root and does "rm -rf /home/userB"... nobody really
knows who logged in as root.

This is critical in multi-user environments. Not as much on a single
user machine. But Linux was designed (just as Unix) for multi-user
environments.

Gilles.

--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
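
The audit difference described in the reply above can be seen in the authentication log. The following is an added example, not part of the original message: it parses constructed log lines, written in the syslog format that sudo and the shadow-utils su are assumed to use in /var/log/auth.log, and separates commands that can be tied to a user from root shells whose later commands sudo does not record. Host name, user names, PIDs and the `audit` function are made up for illustration.

```python
import re

# Constructed sample lines in the syslog format sudo and su are assumed to
# write to /var/log/auth.log on Ubuntu; host, users and PIDs are made up.
SAMPLE_LOG = """\
Feb 10 21:05:01 host sudo:    userA : TTY=pts/0 ; PWD=/home/userA ; USER=root ; COMMAND=/bin/rm -rf /home/userB
Feb 10 21:06:12 host su[4211]: Successful su for root by userC
Feb 10 21:07:40 host sudo:    userD : TTY=pts/2 ; PWD=/home/userD ; USER=root ; COMMAND=/bin/bash
Feb 10 21:09:03 host sudo:    userA : TTY=pts/0 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/apt-get update
"""

SUDO_RE = re.compile(
    r"sudo:\s+(?P<user>\S+) : TTY=(?P<tty>\S+) ; PWD=(?P<pwd>.*?) ; "
    r"USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.*)$")
SU_RE = re.compile(r"su\[\d+\]: Successful su for (?P<runas>\S+) by (?P<user>\S+)")
SHELLS = {"sh", "bash", "dash", "zsh", "su"}

def audit(log_text):
    """Return (attributed, blind): commands tied to the invoking user, and
    root shells whose later commands these log lines do not attribute."""
    attributed, blind = [], []
    for line in log_text.splitlines():
        m = SUDO_RE.search(line)
        if m:
            attributed.append((m["user"], m["runas"], m["cmd"]))
            # sudo logs the shell launch itself, not what is typed inside it
            binary = m["cmd"].split()[0].rsplit("/", 1)[-1]
            if binary in SHELLS:
                blind.append((m["user"], "sudo " + m["cmd"]))
            continue
        m = SU_RE.search(line)
        if m and m["runas"] == "root":
            # su records who became root, but none of the commands that follow
            blind.append((m["user"], "su"))
    return attributed, blind

if __name__ == "__main__":
    attributed, blind = audit(SAMPLE_LOG)
    for user, runas, cmd in attributed:
        print(f"{user} ran as {runas}: {cmd}")
    for user, how in blind:
        print(f"{user} opened a root shell via '{how}'; later commands are not in this log")
```
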