hi all..

Michael A. Peters mpeters at mac.com
Sat Feb 3 03:38:29 UTC 2007 

On Fri, 2007-02-02 at 17:35 -0800, Evan Klitzke wrote:
> On Fri, 2007-02-02 at 14:21 -0800, Michael A. Peters wrote:
> > Some of the other distros that seem easier only seem so because they
> > compromise security to achieve it - such as very insecure sudo defaults
> > that essentially make any admin group user password a root password.
> > 
> > IE someone gets your user account password, they can do more than just
> > mess up your user files, they can become root with sudo and alter
> > binaries so that you don't know they are there, continuously collecting
> > information about you.
> 
> The security of Fedora has nothing to do with not having sudo accounts
> by default. If your password is compromised and you are in the wheel
> group, there are any number of mechanisms that someone could use to try
> to get you to reveal the root password.

None of them are sure thing - with bad sudo defaults they do not have to
exploit something which often results in triggering something, and they
have root instantly giving them the ability to alter binaries and put
other back doors into the system.

While having a local account compromised means that they only have to
find a local exploit to root the box, having a local account compromised
that has sudo privileges means they own the box already.

> 
> Fedora is more secure than a lot of other distributions because it
> enables SELinux by default; it has nothing to do with the use or nonuse
> of sudo accounts (which, incidentally, have a finer grained
> authentication mechanism than the su command).

sudo can be configured to be more fine grained that the su command.
The default that Apple, Ubuntu, and others have are not fine grained at
all - anyone in the right group can execute any command they want root.

Do you think users who don't already know how to lock down sudo are
going to do so? Users who already know how to lock down sudo do not need
insecure defaults, so the default configuration that OS X and ubuntu use
are not for them, those defaults are for the vast majority of people who
will never ever change them.

More information about the fedora-list mailing list