sudo and the root account
Brett Kirksey
ubuntu-users at valx.mailshell.com
Tue Oct 5 19:01:49 UTC 2004
On Tuesday 05 October 2004 at 17:09+0100, Benjamin Edwards wrote:
> That would be great, either email me it as a doc (i.e.
> without hard returns) or even better create a wiki page . . .
I attached it to the bootom of the Wiki page. Here's what was added:
The benefits of leaving root disabled by default include the following.
1. Initially the Ubuntu team wanted the easiest install possible. By not enabling root, a couple of steps requiring user interaction during install could be avoided. (Colin Watson)
2. Even more significantly, if root were enabled during install, the user would be required to forever remember the password they chose--even though they would rarely use it. Root passwords are often forgotten by users who are new to the Unix security model. (Matt Zimmerman)
3. Instead of having to just guess the root password, an attacker now has to guess the admin username and the admin password. That might not be particularly difficult if they know your system, but from an external perspective it does make things harder.
Security is about putting up as many road blocks to successful "rooting" as possible. If someone were driving down a street that did not have many signs or signals or patrolmen, they are likely to speed through. Now increase the frequency of patrols, add stop lights, stop signs and speed bumps. A person is less likely to attempt or accomplish inappropriate activities. (Jim Cheetham and Delbert Hudson)
4. It avoids the "I can do _anything_" interactive login by default--you will be prompted for a password before major changes can happen, which should make you think about the consequences of what you are doing. If you were logged in as root, you could just delete some of those "useless folders" and not realize you were in the wrong directory until it's too late. It's been good Unix practice for a long time to "su-command-^D" regularly instead of staying in a root shell--unless you're doing serious system maintenance (at which point you can still "sudo su"). (Jim Cheetham and Andrew Sobala)
5. Sudo adds a log entry of the command(s) run (In /var/log/auth.log). If
you mess up, you can always go back and see what commands were run. (Andrew Zbikowski)
More information about the ubuntu-users
mailing list