[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: edit root alias when installing the OS



Uttered n0dalus <n0dalus+redhat gmail com>, spake thus:

> I know other distributions do this, but I don't think it is a good
> idea. Adding the first user to /etc/sudoers means that any malware
> only needs to get that user's password, or get itself to run after you
> use sudo, and then it gets root access.
> 
> I don't see what is wrong with using su.

1) Once any non-admin learns the root password, everybody knows the root
password.  And unless the admin wants to do every trivial admin
activity, the root password must be given out and thus compromized.

2) Root logins are security problems because you can't tell which
human actually logged on in the guise of root.  Whom do you fire,
even if you figure out what was done?

3) Sudo(1) allows fine control over which programs a user can run as
any other user.

4) With sudo(1), an authenticated user must reauthenticate to run a
program as another user.  (Trusted users need not reauthenticate.)

5) Sudo(1) logs the activity so you will have an audit trail.  System
console, and syslog.


Using sudo(1) is a big security win.  Unfortunately, the man(1) page
is a bit confusing for newbies and using su(8) seems so convenient.
But with a small setup step, I can safely allow:

	$ sudo rpm -Uvh /path/to/a/package

to be run by a trusted user because I'll get notices about it the
attempt, its success or failure, as well as getting a record about
what command line was used.

HTH

Attachment: pgpzWh97vSPVg.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]