cross-platform virus

Cefiar cef at optus.net
Mon Apr 10 03:45:06 BST 2006


On Monday 10 April 2006 07:44, Alan McKinnon wrote:
> On Sunday 09 April 2006 20:42, Shawn McMahon wrote:
> > On Sun, Apr 09, 2006 at 10:41:36PM +1000, Sasha Tsykin said:
> > If we didn't have sudo at the Fortune 100 corporation where I work,
> > we'd have to change the root password on thousands of servers every
> > time any of hundreds of different people changed job
> > responsibilities; and when you count the non-root things we do with
> > sudo, it'd be thousands of people, not hundreds.  My entire job
> > would consist of changing the root password all day every day on
> > the hundreds of UNIX/Linux servers for which I bear part of the
> > administration responsibility.
>
> Ahhh yes, this explains something I'd always wondered - why does sudo
> require the user password? Surely it would be more secure to ask for
> the root password as well (a second barrier)? I forgot to consider
> what happens when many people have the password and one resigns.

That's the default setup of sudo, but it's not the only option.

If you like the "root password" concept, then you can actually set a root 
password and tell sudo to use it instead of the users password (the rootpw 
option). This gives you that central root password you're after, with all the 
other good stuff that sudo offers.

-- 
 Stuart Young - aka Cefiar - cef at optus.net



More information about the sounder mailing list