hi all..

Evan Klitzke eklitzke.lists at gmail.com
Sat Feb 3 01:35:58 UTC 2007


On Fri, 2007-02-02 at 14:21 -0800, Michael A. Peters wrote:
> Some of the other distros that seem easier only seem so because they
> compromise security to achieve it - such as very insecure sudo defaults
> that essentially make any admin group user password a root password.
> 
> IE someone gets your user account password, they can do more than just
> mess up your user files, they can become root with sudo and alter
> binaries so that you don't know they are there, continuously collecting
> information about you.

The security of Fedora has nothing to do with not having sudo accounts
by default. If your password is compromised and you are in the wheel
group, there are any number of mechanisms that someone could use to try
to get you to reveal the root password.

Fedora is more secure than a lot of other distributions because it
enables SELinux by default; it has nothing to do with the use or nonuse
of sudo accounts (which, incidentally, have a finer grained
authentication mechanism than the su command).

-- Evan Klitzke




More information about the fedora-list mailing list