Security of using sudo rather than su?
Felipe Alfaro Solana
felipe.alfaro at gmail.com
Fri Sep 15 04:39:59 UTC 2006
> No, either of two condtions to be true:
>
> 1. One user name
> 2. That user's password
>
> OR
>
> 1. root's password
>
> This is because 'sudo -i' will work regardless of root having a
> separate password or not. You decrease security by adding another
> avenue of attack.
I don't understand what you're saying. To run sudo, one needs to be
logged as a normal user, so one needs first to guess a valid
username/password combination.
More information about the ubuntu-users
mailing list