Security of using sudo rather than su?
alan at linuxholdings.co.za
Thu Sep 14 12:36:49 UTC 2006
On Thursday 14 September 2006 14:05, Adam Funk wrote:
> > sudo allows you to selectively assign root priviledges
> > on a per user basis.
> Absolutely --- that's the sort of situation that sudo was
> intended for!, isn't it? But the Ubuntu default --- for the
> simple personal workstation --- is
> %admin ALL=(ALL) ALL
> which is quite different.
sudo suffers from a flaw as far as easy configuration is
concerned - there are no sane defaults. i.e. if you try to come
up with some sane defaults, you won't find any.
It's up to the admin of a machine to consider the users and
services on the machine and do the right thing for that setup.
Hence the only possible default - members of the admin group
can become root and do any root things they wish.
It's a compromise, because Ubuntu has designs on the enterprise
space. If we think support is a nightmare now with the infernal
eternal "why can't I su?" questions, imagine what it would be
like if there was a choice for the su model for some and sudo
Besides, security is a relative concept anyway, and those who
claim that one of these models is better or worse than the
other just because, usually has no foggiest idea of what they
are talking about or what happens in real life. By example:
every personal workstation I have looked into in the last year
has had the SAME password for the main user and root. EVERY
SINGLE ONE. The users say they get fed up having to remember
more than one password. Some of them keep the same password on
all machines for years...
So there in one fell swoop goes the entire extra security of su.
Add in that most folk set the hostname to their own user name,
and the secret username is also moot.
As in see it, the lesson to be learned: to have the full benefit
of su you have to rig it so that it can't be circumvented.
More information about the ubuntu-users