What's so secure about sudo?
Omer Zak
w1 at zak.co.il
Tue Jun 18 09:53:30 IDT 2019
Using /etc/sudoers and /etc/sudoers.d, it is possible to limit the
operations that an user can do as a superuser.
It is even possible to configure some operations as ones not requiring
him to enter his password.
See 'man 5 sudoers'.
On Tue, 2019-06-18 at 09:23 +0300, Shlomo Solomon wrote:
> This has bothered me for years and I decided to "get it off my
> chest".
>
> For many years I used su to do administrative tasks, but "everyone"
> uses sudo and the claim is that it's more secure than actually
> logging
> in as root.
>
> In principal, of course, root login is not a good thing, but let's
> remember something I've never seen discussed. I would assume that on
> most systems the root password is MUCH more secure than that of a
> regular user. Now if I give user david sudo privileges, anyone who
> cracks david's (weak) password now has access to root privileges.
>
> And before anyone says that this is only a one-time authorization,
> what
> if the guy who cracked david's password now does:
> sudo passwd root
>
> So what's so secure about using sudo?
--
"Prior to capitalism, the way people amassed great wealth was by
looting, plundering and enslaving their fellow man. Capitalism made it
possible to become wealthy by serving your fellow man." - Walter E.
Williams
My own blog is at https://tddpirate.zak.co.il/
My opinions, as expressed in this E-mail message, are mine alone.
They do not represent the official policy of any organization with
which I may be affiliated in any way.
WARNING TO SPAMMERS: at https://www.zak.co.il/spamwarning.html
More information about the Linux-il
mailing list