[OT] sudo, why not su?
Derek Broughton
news at pointerstop.ca
Wed Aug 10 13:43:27 UTC 2005
sean at seanmiller.net wrote:
>> For example, how bad would it be if a user opened a terminal, typed
>> 'su', ran a few quick tasks, then just walked away without typing 'exit'?
>
> This should be the case, but do remember that if you do multiple sudo
> commands there's a 5 minute period during which you don't have to re-enter
> the password...
The user still has to use "sudo" though, so it's not quite the same as
being in a root shell and accidentally typing a command that would be
innocuous for a normal user.
> I guess that the solution to this particular security flaw is to make the
> first user you set up on a Ubuntu system specifically a system admin user
> rather than a named user... ie. "sysadm"...
I mostly agree (except that it should be an "eg", not an "ie" - the user
name should be installer selected). The installer _should_ know that the
first user is special and should be treated as a sysadmin, but if you're
going to make that account "sysadm", you might as well just make it "root".
--
derek
More information about the ubuntu-users
mailing list