<div dir="ltr">I'm not an expert, but I found out that if I login as a regular user, I use sedo only when necessary. But when I login as root (which I do) I am root all the time. This may cause problems if by mistake I enter a command which might cause a big damage as root, but not a big damage as a regular user. Such as, for example, rm -f. So the security issue is also for me entering as a legitimate user and accidentally writing a wrong command. Which will probably not happen with sedo. Especially when sedos require for me to enter my password.<div><br></div><div>Anyway, some servers I manage I am able to login as root and some not, as root login there is disabled. I'm not an expert is security but I think usually my servers are not cracked/hacked as long as I keep the passwords secure. If I login as root and don't make mistakes such as above, I don't see why logging in as root is less secure than sedo.</div><div><br></div><div>By the way, sometimes I login as a regular user and then su. I don't remember if this option is enabled in all my servers.<br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div style="direction:rtl"><div style="direction:rtl">אורי</div><div style="direction:rtl"><a href="mailto:uri@speedy.net" target="_blank">uri@speedy.net</a></div></div></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jun 18, 2019 at 9:24 AM Shlomo Solomon <<a href="mailto:shlomo.solomon@gmail.com">shlomo.solomon@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">This has bothered me for years and I decided to "get it off my chest".<br>
<br>
For many years I used su to do administrative tasks, but "everyone"<br>
uses sudo and the claim is that it's more secure than actually logging<br>
in as root. <br>
<br>
In principal, of course, root login is not a good thing, but let's<br>
remember something I've never seen discussed. I would assume that on<br>
most systems the root password is MUCH more secure than that of a<br>
regular user. Now if I give user david sudo privileges, anyone who<br>
cracks david's (weak) password now has access to root privileges. <br>
<br>
And before anyone says that this is only a one-time authorization, what<br>
if the guy who cracked david's password now does:<br>
sudo passwd root<br>
<br>
So what's so secure about using sudo? <br>
<br>
-- <br>
Shlomo Solomon<br>
<a href="http://the-solomons.net" rel="noreferrer" target="_blank">http://the-solomons.net</a><br>
Claws Mail 3.16.0 - Kubuntu 18.04<br>
<br>
_______________________________________________<br>
Linux-il mailing list<br>
<a href="mailto:Linux-il@cs.huji.ac.il" target="_blank">Linux-il@cs.huji.ac.il</a><br>
<a href="http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il" rel="noreferrer" target="_blank">http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il</a><br>
</blockquote></div>