Security of using sudo rather than su?

Dennis Kaarsemaker dennis at kaarsemaker.net
Thu Sep 14 09:35:32 UTC 2006


On Thu, 2006-09-14 at 10:18 +0100, Adam Funk wrote:
> I've read the official explanation of the locked root account [1] and
> it still seems to me that this system can reduce security (in
> comparison with the traditional approach) because an attacker
> (especially a remote attacker) can gain root privileges by cracking
> one password (the main user's) rather than two (since normally root
> isn't allowed to log in over ssh).
> 
> Why is this view wrong?

Because normally, root *can* log in over ssh and 'root' is a very
well-known username. So sudo actually doubles security by having to
guess both a username and a password instead of just a password.
-- 
Dennis K.

Time is an illusion, lunchtime doubly so.
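
Added example, not part of either poster's message: the disagreement above turns on two settings an administrator can check, whether sshd accepts password logins for root and whether root has a usable password at all. The sketch assumes OpenSSH's `PermitRootLogin` directive and the `/etc/shadow` convention that a password field starting with `!` or `*` is locked; the function names are hypothetical and the sample config and shadow lines are constructed.

```python
import re

# Constructed sample inputs (not taken from any real host).
SSHD_ROOT_ALLOWED = "# constructed sample\nPermitRootLogin yes\n"
SSHD_ROOT_DENIED = "# constructed sample\nPermitRootLogin no\n"
SHADOW_ROOT_HAS_PASSWORD = "root:$6$constructedsalt$constructedhash:13405:0:99999:7:::\n"
SHADOW_ROOT_LOCKED = "root:!:13405:0:99999:7:::\n"


def effective_permit_root_login(sshd_config, default="prohibit-password"):
    """Global PermitRootLogin value. sshd keeps the first value it reads for a
    keyword. `default` is an assumption: older OpenSSH releases defaulted to
    "yes", so pass the default of the version being audited. Match blocks and
    Include files are not evaluated."""
    for raw in sshd_config.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        if keyword == "match":
            break  # everything after this is conditional, stop at global scope
        if keyword == "permitrootlogin" and len(parts) == 2 and parts[1]:
            value = parts[1].split()[0].strip('"').lower()
            # "without-password" is the deprecated alias of "prohibit-password"
            return "prohibit-password" if value == "without-password" else value
    return default


def root_password_locked(shadow):
    """True when root's password field starts with '!' or '*', so no password
    can match it (the locked root account the thread refers to)."""
    for line in shadow.splitlines():
        fields = line.split(":")
        if fields[0] == "root" and len(fields) > 1:
            return fields[1].startswith(("!", "*"))
    raise ValueError("no root entry in shadow data")


def root_password_guessable_over_ssh(sshd_config, shadow, default="prohibit-password"):
    """True only if sshd accepts root password logins and root has a password.
    PasswordAuthentication and key-based root logins are not checked here."""
    allowed = effective_permit_root_login(sshd_config, default) == "yes"
    return allowed and not root_password_locked(shadow)


if __name__ == "__main__":
    print(root_password_guessable_over_ssh(SSHD_ROOT_ALLOWED, SHADOW_ROOT_HAS_PASSWORD))  # True
    print(root_password_guessable_over_ssh(SSHD_ROOT_ALLOWED, SHADOW_ROOT_LOCKED))        # False
```
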