sudo without password

Michael T. Richter ttmrichter at gmail.com
Wed Jun 7 06:28:28 UTC 2006


On Wed, 2006-07-06 at 02:04 -0400, Scott Kitterman wrote:

> > > > Note that doing this is a very bad idea from a security standpoint....



> > > And none of this makes the slightest difference to the well-being of the
> > > single most important stuff on your computer: Your own files.



> > > So.............. a 'very bad idea from a security standpoint'... hardly.



> > This is a point that seems to be missed in the UNIX community a lot: the
> > vast majority of computer users no longer run on time-shared, multi-user
> > systems.  "Security" is "me and my files" not "my system because if it
> > goes down hundreds of others are inconvenienced".



> > It's a different world.  UNIX will catch up sometime.



> If I screw up and make my data available to someone, that hurts me.



And that is the most common security exploit even under Windows.  You
lose your data.  We just hear about the other ones more because a)
they're the scary ones and sensationalism always wins out over numbers
and b) they're the ones that we're more likely to see in the wild when
they hit (by their very nature).


> If I screw up and compromise my machine and give it over to some 
> spammer/phisher/[insert favorite net crime here], then I've hurt the entire 
> internet.


How nicely full of hubris.  "My little laptop will bring down the
Internet."

Tragically, however, the worst attacks ever only brought down a part of
the Internet for small periods of time (relatively speaking).


> It's a different world.  UNIX was designed for it.


UNIX was designed long before there was an Internet.  And its security
model shows it.  (Sudo is an afterthought, not the primary model.)  A
modern security model would be capabilities-based -- you know, two
generations of security architecture past what UNIX was designed with.

--
Michael T. Richter
Email: ttmrichter at gmail.com, mtr1966 at hotpop.com
MSN: ttmrichter at hotmail.com, mtr1966 at hotmail.com; YIM:
michael_richter_1966; AIM: YanJiahua1966; ICQ: 241960658; Jabber:
mtr1966 at jabber.cn

"My paramount object in this struggle is to save the Union, and is not
either to save or to destroy slavery." --Abraham Lincoln
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060607/a9fcfb29/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060607/a9fcfb29/attachment.pgp>


More information about the ubuntu-users mailing list