Using sudo to Keep Admins Honest? sudon't!
Alexander Jacob Tsykin
stsykin at gmail.com
Mon Nov 6 01:25:06 GMT 2006
On Monday 06 November 2006 12:05, Shawn McMahon wrote:
> On Mon, Nov 06, 2006 at 10:28:36AM +1100, Alexander Jacob Tsykin said:
> > The point was that you log into you ":administrator account" to use sudo,
> > and your other account for all other tasks.
>
> Except people won't do that. The point to locking root and encourating
> sudo isn't to make things more secure for the people ready, willing, and
> able to make things more secure for themselves; it's for the people who
> don't understand what's what to be encouraged from day one to do
> something better than the easiest thing.
That was actually part of the point I was making, that if people will not
perform truly secure practices, then they should be encouraged to do whatever
that is not too inconvenient.
Sasha
More information about the sounder
mailing list