Using sudo to Keep Admins Honest? sudon't!
Tristan Wibberley
maihem at maihem.org
Sat Nov 4 11:19:26 GMT 2006
Alexander Jacob Tsykin wrote:
> Firstly, preventing a browser from ebing able to run something as root _is_
> security, and frankly, him saying that it's not without bothering to explain
> why is weak, and jsut shows that he has no real argument, and simply dislikes
> sudo because he considers it inconvenient. If that is that case, jsut type
> sudo -i and be doen with it. Of course, this removes the advantage of not
> having root shells ever left unattended, but it does remove the
> inconvenience.
According to Matt Zimmerman:
"You should consider a user with unlimited sudo privileges to be
equivalent to root from a security perspective."
So the default user in Ubuntu *is* root, except that sudo just "prompts
for the user's password as a secondary check which prevents certain
casual attacks (for example, leaving a session open without locking
the screen)." - again according to Matt Zimmerman
It is a *huge* misconception that Ubuntu does not run as root by
default, because for all security related purposes... it does. It is
trivial to escalate privileges once you have compromised somebody's account.
You should *never* use your default account for day-to-day usage.
Certainly don't run anything in it that doesn't come from the standard
repositories.
--
Tristan Wibberley
These opinions are my own, and do not reflect those of my employer. My
employer has its own opinions - any similarities with my own are purely
coincidental.
More information about the sounder
mailing list