Firewalls and Virusscanners
Darryl Moore
darryl at moores.ca
Tue May 26 01:39:46 UTC 2009
Ah yes, well, that is the idea behind sudo. Absolutely. But that is not
the idea behind what Ubuntu has done with it. They have given one user
total complete root access via sudo. It is easy enough to bypass the
sudo logging in Ubuntu simply by running "sudo bash". They use it as a
blanket substitute for root, not for giving select users restricted
access to some functions. For the latter it makes a lot of sense. For
the former, I still don't see the benefit.
Brian McKee wrote:
>
> No, that's not really the idea.
> Sudo allows you to give equiv to root access to more than one person,
> without them sharing a password, thus you can remove one without
> affecting the other. It also keeps a log of all activities, and *who
> did them* so you can find out which turkey actually made the mistake :-)
>
> see https://help.ubuntu.com/community/RootSudo if you aren't familiar
> with it. (even though it claims the same security thru obscurity user
> name routine you mention)
>
> Brian
>
More information about the ubuntu-ca
mailing list