[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: edit root alias when installing the OS



Hi

1) Once any non-admin learns the root password, everybody knows the root
password.  And unless the admin wants to do every trivial admin
activity, the root password must be given out and thus compromized.

2) Root logins are security problems because you can't tell which
human actually logged on in the guise of root.  Whom do you fire,
even if you figure out what was done?

3) Sudo(1) allows fine control over which programs a user can run as
any other user.

4) With sudo(1), an authenticated user must reauthenticate to run a
program as another user.  (Trusted users need not reauthenticate.)

5) Sudo(1) logs the activity so you will have an audit trail.  System
console, and syslog.


Using sudo(1) is a big security win.
In many cases, yes it can be a big security win but the question here is do you want to the default user to have all administrative access through his own password?. That makes sense for the typical home user who owns his system anyway but it doesnt seem to be a big advantage for any system where system administration is done by other people who want to limit access to only non-root routine tasks for regular users. Several programs might not work well with sudo like webmin for instance. Shell redirection under sudo might not well as expected. ex: sudo ls /etc > /root/etc.list. If we decide that Fedora Core will be squarely targeted at the desktop then sudo might work well but otherwise I dont see it as a generic default solution.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]