Security of using sudo rather than su?
Karl Auer
kauer at biplane.com.au
Thu Sep 14 12:21:57 UTC 2006
On Thu, 2006-09-14 at 13:46 +0200, Alexander Skwar wrote:
> How is the security doubled when using sudo?
Security isn't just about cracked passwords. Security is about avoiding
damage, whether intentional, malicious or accidental. Requiring sudo
reduces the chances that a command will accidentally be carried out as
root. Of course this can be circumvented, but the user who doesn't do
that is safer, and his system is safer, than someone who habitually logs
in as root.
Then there is the point that access to specific commands needing root
access can be given to people. That is, they have root access, but only
for a restricted set of actions.
sudo can log who does what and when. That enables tracking of what
commands were issued when and by whom. This has two good effects - you
can reconstruct the sequence of events when something goes wrong, and
people know their actions are being logged and that they can be held
accountable.
Keeping the number of people who can get general root access to a
minimum is also good security.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/ +61-428-957160 (mob)
More information about the ubuntu-users
mailing list