[Off Topic] Re: Linux security

Daniel Carrera daniel.carrera at zmsl.com
Sat May 6 10:08:15 UTC 2006


Michael Richter wrote:
> sudo -s
> <enter password>

Tha'ts not default behaviour though. And not the most likely scenario. 
Just dropping to the command line, knowing the sudo command *and* 
knowing the -s flag increases the barrier significantly. And that's a 
property of a well-designed system. You can't prevent users from making 
a major mistake, but you can make it so that it's easier to use the 
computer in a safe manner than in an unsafe manner. And your premise 
started with users being stupid and ignorant. Well, those who are stupid 
and ignorant won't use a terminal, won't know sudo, and certainly won't 
know -s.

Cheers,
Daniel.
-- 
      /\/`) http://opendocumentfellowship.org
     /\/_/
    /\/_/   ...and starting today, all passwords must
    \/_/    contain letters, numbers, doodles, sign
    /       language and squirrel noises.





More information about the ubuntu-users mailing list