kdesu and sudo

Derek Broughton auspex at pointerstop.ca
Mon Apr 18 13:00:18 CDT 2005


On Monday 18 April 2005 16:07, Hannes Hauswedell wrote:
> let me explain...
> _first reason_: security; if i have a proper root account set up and my
> user account gets compromised this is only a minor security problem. if my
> 'sudo-everything-user' account gets compromised my system is one command
> from a complete data loss (eg:"sudo dd if=/dev/urandom of=/dev/hda").

And if your root account is compromised?  I can't conceive of a situation 
where root is any more secure than a user account - especially since hackers 
will have to work (a little) to find the names of your user accounts, whereas 
they can usually expect there to be an account named 'root'.  

> _second reason_: maybe there is a box with lets say a couple of accounts
> and i dont WANT all to be potential root-accounts, and i come to the
> computer while a user is logged in i cant even change the time on the
> clock, but i have to tell the user to log out and let me log in with my
> account so i can kdesu change the time settings.... 

Why?  Again, it's possible that I have something available that wouldn't be in 
a default kubuntu install, because I migrated from Debian, but I'd just 
switch to another terminal and log in.  Or better, log in with _my_ account 
via VNC and XDMCP from another computer, and modify it without his even 
needing to know.

> but i got an idea: why 
> dont the devels just add an option in kcontrol to switch between kubuntu
> and original kde behaviour? thanks

If this behaviour ever merges to Debian, I expect something like that will 
happen.  I happen to think it's a bad idea.  This method is more secure and 
takes a very small change in your methods to work.
-- 
derek



More information about the kubuntu-users mailing list