Security of using sudo rather than su?
Karl Auer
kauer at biplane.com.au
Sun Sep 17 13:20:50 UTC 2006
On Sun, 2006-09-17 at 14:53 +0200, Alexander Skwar wrote:
> > Security isn't just about cracked passwords. Security is about avoiding
> > damage, whether intentional, malicious or accidental. Requiring sudo
> > reduces the chances that a command will accidentally be carried out as
> > root.
>
> Uhm, no. As you can easily see on this list, a *lot* of suggestions/tipps
> involve using sudo, even if it's not required.
Uhm, yes! Requiring sudo DOES reduce the chances that a command will
accidentally be carried out as root. Whether incorrect suggestions are
made or not. If you don't see it that way, I'd be interested in your
explanation of why requiring sudo DOES NOT reduce the chances. Note that
"reducing the chances" is not the same as "making 100% safe".
Lets say I want to carry out 100 comands, 10 of which require root
access. If I carry out all 100 while logged in as root, there are 100
commands I may get wrong, each possibly resulting in some catastrophe
that would have been less harmful had I not been logged in as root.
With sudo, I only get 10 chances to make that kind of mistake. And with
a finer-grained sudo than Ubunto provides by default, possibly even
fewer.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/ +61-428-957160 (mob)
More information about the ubuntu-users
mailing list