Misconfiguration of sudo is insecure
Robert Stoffers
rstoffers at gmail.com
Wed Mar 29 11:06:30 BST 2006
Tollef Fog Heen wrote:
> * Paul Sladen
>
> | On Thu, 23 Mar 2006, Yuki Cuss wrote:
> | > Please try `sudo -i'. You may find it is a more secure option.
> |
> | No. NO. Please, no.
> |
> | Now you have a shell open where *every* command you type is running with
> | unchecked priviliges and it the commands _aren't being logged_.
>
> If you want process accounting, use process accounting. Don't rely on
> sudo or similar tools logging.
>
Do an expert install, the root account is then enabled from the get go
and sudo isn't. This means all the GUI applications that require root
privileges and expect sudo to be working when one clicks on the icon
won't work in that way (run them directly as root instead).
Simply put, if sudo really bothers anyone that much they don't *have* to
use it!
Cheers,
Robert Stoffers
--
Ubuntu - rob1 at ubuntu.com
Townsville Linux Users Group - http://tlug.dnho.net
Freenode Staff - rob - irc.freenode.net
More information about the sounder
mailing list