SU & SUDO

Dave dsterken at gmail.com
Sat Oct 7 03:41:32 UTC 2006 

Thank you for the detailed response Daniel.  :)  You might have
miss-understood my intent, which is to disallow apps in X access to root,
not to switch over to root while running root. Root has no place in X! Well,
that is just my opinion. I was "trying" to say that I would rather su to
root in a console to run the tools I need.

That aside, you mentioned several things I was unaware of. I was not
comparing it to the wheel group, which is a very useful tool. I agree, the
developers obviously chose sudo for a reason or they wouldn't have woven it
in. Locking up the Root account is good idea, but it still has a sudo
account right, and an admin group? Isn't that like trading 1-fat cow for a
group of fat cows? Trading Root's password, for a sudo password that has all
the privileges of root at the user level may not gain me any security, in
fact, it may make things less convenient but it feels like it gives me more
control.  However, I will certainly give sudo a chance based on your
suggestions (all very wise), I must admit though, I'm still squeamish about
it.  :-)

Thanks again

On 10/6/06, Daniel Pittman <daniel at rimspace.net> wrote:
>
> Dave <dsterken at gmail.com> writes:
>
> G'day Dave.
>
> > You all brought up great points! The main reason I want "su"
> > vs. "sudo" is for security. Admittedly, I do not have a deep
> > understanding of how sudo works but I came from a FreeBSD environment
> > and have only just started using Ubuntu recently.
>
> OK.  First, a hint from my years of experience with security: you will
> generally get better security sticking with the tools the developers
> chose than adding additional tools -- unless you understand exactly what
> you are trading off in each direction.
>
> > While a lot of things are different to me, I do not understand the
> > need to give applications in x, access to sudo.
>
> None of the applications, X or otherwise, have access to sudo.  *Users*,
> and specifically users in the 'admin' group (which is equivalent in many
> ways to the 'wheel' group from *BSD) have access to sudo.
>
> Those users can use sudo to run software with elevated privileges; the
> software can take advantage of that, like it can take advantage of su,
> but it is a property of the *user* not the application.
>
> > I feel that if I want to run a series of tools that require extra
> > privileges, it is simple enough to su to root and be done with it.
>
> Well, in the simplest case that will not work for GUI tools as they will
> lose a number of essential elements of X security.
>
> > I would however, love to hear how the security of sudo is coming
> > along, perhaps my concerns seem silly to you guys.
>
> Being concerned about security is reasonable.  I still don't understand
> exactly what your concern about sudo is though.  Can you restate it in a
> short question or something?
>
>
> Anyway, the essential trade-off with sudo vs su (and a root password) is
> documented in the links others shot you in the thread, but comes down
> to:
>
>   With traditional su, and a root password, that password is a well
>   known point to attack.
>
>   By locking the root account Ubuntu gains security, because you can no
>   longer gain access as root regardless of how well you guess.
>
>
>   The cost of that is that sudo makes the password for an account in the
>   'admin' group equivalent to the root password.
>
>   If you have multiple members of 'admin' then you have multiple
>   passwords equivalent to root.
>
>
> So, the trade off in security terms is that Ubuntu gains security by
> having the root account locked -- no attack direct to root can succeed.
>
> There is one account, by default, which is the equivalent of root.
>
> This is an account that is regularly used, because it is a normal user
> account, so the password is more likely to be changed (and remembered)
> than a root account that is almost never used.[1]
>
>
> Oh, and if you are concerned because you don't know the security history
> of sudo, vs the core su command, feel comforted: it has a good security
> record, and is regularly audited and updated to address new concerns as
> they develop.
>
> Regards,
>         Daniel
>
> Footnotes:
> [1]  Obviously, this isn't true for everyone; some of us need root
>      access regularly.  Those folks are likely to be the same ones who
>      would have a secure root password, etc, etc.
>
> --
> Digital Infrastructure Solutions -- making IT simple, stable and secure
> Phone: 0401 155 707        email: contact at digital-infrastructure.com.au
>                  http://digital-infrastructure.com.au/
>
>
> --
> kubuntu-users mailing list
> kubuntu-users at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
>



-- 
Dave Sterken
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20061006/929fe93a/attachment.html>

More information about the kubuntu-users mailing list