[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: edit root alias when installing the OS



Uttered n0dalus <n0dalus+redhat gmail com>, spake thus:

> Why should we cripple people's ability to administrate their systems
> by taking away the root password? If I had to prepend all my commands
> with 'sudo' and half of my paths with '/sbin' I'd quickly get
> frustrated and give root a password. 

So put "/sbin" on your normal path.

Well, doing a significant amount of work as root does seem to justify
sudo'ing into the root account:

	$ sudo su -

But the proper /etc/sudoers entry would let only _your_ account run
_only_ that program and require _your_ password to do it.  At least
you'd get an audit trail entry as you entered the superuser realm.
With a root login, you get *nothing*.  Was that a hostile root login?
You can only hope not.

> Just because admins know the root password doesn't mean any malware
> that manages to sneak on does too. Putting all the users in sudoers
> means that malware only needs to get a user password for root access,
> which is usually much easier than obtaining the root password.

Not really.  To break into a UNIX system, I need to have two items: a
valid account name, and a valid password.  With the "root" account,
I'm halfway there already.

> Weak passwords are not sudo's fault, but statistically the more users
> in sudoers the easier it becomes to get root access. It doesn't matter
> how strong the passwords are.

The idea is not to C3 secure the whole environment (that's another
show ;-) but to help Aunt Minerva (substitute your favorite
non-technical user name here) get help when something gets bungled
while in superuser mode.  At least there is an audit trail so the
help desk can get a glimmer of what was actually done rather than what
the semi-inept user thought was being done.

The goal, at least of my original posting, was to encourage newbies
to use the sudo method for those times they need superuser privilege.
Reading the sudo(1) man page gives pause even to seasoned admins and
probably drives newbies back screaming to Google.com for another
command.  Yet, sudo(1) is probably the safest was to superuser command
line access for casual admin activity.  Thus the need to gently steer
newbies to sudo(1) for, maybe, some set of common root commands.

Sudo(1) is not intended to outlaw su(8) for real admins and power
users.  

As we try to promote Linux on the desktop and in the home, depending
on more casual admins, we need more audit trails, not fewer, so the
savy among us can help when disaster ensues.  Sudo(1) or su(8) issues
aside, disaster _will_ ensue, so why not try for the most well-paved
path?

Cheers

Attachment: pgpziCArp0m4y.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]