Security of using sudo rather than su?

Alexander Skwar listen at alexander.skwar.name
Sun Sep 17 17:01:29 UTC 2006


· Karl Auer <kauer at biplane.com.au>:

> On Sun, 2006-09-17 at 14:53 +0200, Alexander Skwar wrote:
>> > Security isn't just about cracked passwords. Security is about avoiding
>> > damage, whether intentional, malicious or accidental. Requiring sudo
>> > reduces the chances that a command will accidentally be carried out as
>> > root.
>> 
>> Uhm, no. As you can easily see on this list, a *lot* of suggestions/tipps
>> involve using sudo, even if it's not required. The way Ubuntu is set up
>> actually makes people run way too much stuff with sudo.
> 
> Running way too much stuff with sudo is still better than logging in as
> root and running WAAAAAY too much stuff as root.

No. It's not better. It's not worse. It's as bad, as it shows, that people
don't think about what needs root and what not.

> What is the "way too much stuff" that Ubunto makes people do with sudo
> that it shouldn't?

Have a look at script examples that are passed around here.

Alexander Skwar
-- 
"We all agree on the necessity of compromise.  We just can't agree on
when it's necessary to compromise."
             -- Larry Wall in  <1991Nov13.194420.28091 at netlabs.com>






More information about the ubuntu-users mailing list