Using sudo to Keep Admins Honest? sudon't!
mdz at ubuntu.com
Sun Nov 5 03:29:55 GMT 2006
On Sat, Nov 04, 2006 at 11:19:26AM +0000, Tristan Wibberley wrote:

> It is a *huge* misconception that Ubuntu does not run as root by
> default, because for all security related purposes... it does. It is
> trivial to escalate privileges once you have compromised somebody's account.

This is not unique to Ubuntu, as explained on the same page where I believe
those other quotes came from. It's straightforward to escalate to root from
a user who uses 'su' and a root password as well, if you have their
password. It just requires that the attacker wait until the next time the
user runs su.

> You should *never* use your default account for day-to-day usage.

Such a configuration is perfectly adequate for most desktop users. The
truly paranoid should never use privilege escalation at all, and only
administer from a direct login on the console.