Another reason not to use sudo?
Hudson Delbert J Contr 61 CS/SCBN
Delbert.Hudson at LOSANGELES.AF.MIL
Tue Nov 23 16:28:00 UTC 2004
john,
i remember setting up the ssh daemons, ssh.com i think it was ,
that allowed the implementation to be fine-grained at least down
to the user level, meaning, if 'ssh -p' switch, one can only login
into $USERNAME's account also @reboot, all traces of trust disappear
as far as the last session. he must re-authenticate - old connex get
fried......and he never needs or gets to ever be ----- root..
we wanna avoid allowing uid to resolve to 0 whenever possible.
ben,
relax, use .v2. and stop using telnet and getting sniffed
ssh v2 default ciphers 'out-of-the-box' encrypt to at least AES128
IETF Draft level AND a non-trivial amount of effort is required to
TURN IT OFF.
IT doesnt expose ANY user/pass traffic. you dont even need passwords.
NETSEC CLASS 101 - RULE A. - NEVER ALLOW GUEST ACCESS TO THE SYSTEM -
EVER!!!!
Prior capitlization intended.
Every logs in using the appropriate name using the appropriate credentials
using previously prescribed media and methodology otherwise your corporate
security policy (if it exists is 'tu')
almost no one will know the root password, if YOU dont tell it.
-----Original Message-----
From: ubuntu-users-bounces at lists.ubuntu.com
[mailto:ubuntu-users-bounces at lists.ubuntu.com]On Behalf Of John
Sent: Monday, November 22, 2004 5:37 PM
Cc: Ubuntu List
Subject: Re: Another reason not to use sudo?
Ben Edwards wrote:
> We were trying to decide whether to enable root on the Ubuntu PCs we
> have been setting up at a community center and the person I was
> working with pointed out the following.
>
> If you ssh into a box the password of the initial account you log in
> is _not_ encrypted so you would normally log in as a lesser user and
> su when you are in (this I knew but many people do not).
You don't have to login with passwords. I mostly don't.
>
> However if your box uses sudo you would tend to log into your sudo
> account, your password could be snifed and someone could get root
> access on your box!
1. See above
2. Control physical access to your LAN. Sudo isn't everything.
>
> The only way round this would be for everybody with sudo access to
> have another lesser account that they used to remotely log into the
> box - or I guess everybody could log in using a guest style account.
Everyone should use their own account. That way your logs record who dunnit.
>
> I should also mention that the good thing about sudo which is not on
> the RootSudo page is that you can selectively give people access to
> various aspects of roots privileges - i.e. you could allow someone
> just to install packages but not delete other peoples files (never got
> into this myself but gather it is the case).
Well, anyone who can
a. Create user accounts
or
b. Install software into system locations
owns your box anyway. If I can create user accounts, I can create onw
with uid=0 and then I'm root.
Ditto if I can edit /etc/passwd
If I can install software as above, I can install software to give me a
root shell.
sudo is far from perfect, but IMV it beats having everyone know the root
password.
--
ubuntu-users mailing list
ubuntu-users at lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 4392 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20041123/f50a23de/attachment.bin>
More information about the ubuntu-users
mailing list