root password setting unoffered at install

Gilles Gravier Gilles at Gravier.org
Sun Nov 4 17:44:57 UTC 2007 

This is more simplistic than having several users (roles) each with a 
limited and well defined set of permissions... as would be for example 
implemented with RBAC.

Since, with RBAC (Role Based Access Control) you can't by mistake do "rm 
-rf /" and delete your own machine if you are currently active with the 
"printer administrator" role, for example. If the "printer 
administrator" role doesn't imply "full write access to filesystem" then 
you just can't do that.

Whereas with the way SUDO is configured on Ubuntu, you can do "sudo rm 
-rf /" just as easily as if you were root and did "rm -rf /" by mistake. 
And believe me, it's easy to make a typo when doing something like "sudo 
rm -rf /tmp/*" and end up with a command that goes "rm -rf /tmp /*" 
because you hit the space bar at the wrong moment.

It is roughly equivalent to having a root user... with no available root 
password. It normally is interesting as, that way, you can be yourself, 
with no need to be root all the time, but with easy access to 
administrative tasks... It's somewhat interesting to avoid mistakes. And 
also interesting from a security  perspective, since you don't have to 
give root password to anybody. Just tell the sudo system that they are 
(or are not) allowed to do administrative functions.

Sudo is also very interesting from a tracability perspective. If you use 
root, once you log into the root account, commands ran as "root" lose 
tracability. You could have several users logged in as root and you 
don't know which one ran which command as root. With sudo, you keep a 
log of which users actually sudoed each command. So from an auditing 
perspective, it is much better that having a root user. (As long as 
people don't "sudo bash").

Gilles.



Peter Garrett wrote:
> On Sun, 04 Nov 2007 18:28:19 +0100
> Gilles Gravier <Gilles at Gravier.org> wrote:
>
>   
>> Simplistic in the sense that by default, your administrative user has 
>> ALL THE ADMINISTRATIVE RIGHTS.
>>
>> In Ubuntu by default there the administrative roles (create users, 
>> populate home directories, manage network, change peripherals, change 
>> users passwords, and so many more) are simplistically merged into ONE 
>> SINGLE ADMINISTRATIVE user.
>>     
>
> How is this more simplistic than having a single root user who by
> definition has all administrative rights?
>
> Peter
>
>   

-- 
/*Gilles Gravier*/ *=* *Gilles at Gravier.org* <mailto:Gilles at Gravier.org> 
*=* *http://www.gravier.org/*
ICQ : *77488526* 
<http://www.icq.com/whitepages/about_me.php?Uin=77488526> * || *MSN 
Messenger : Gilles at Gravier.org <http://members.msn.com/Gilles@Gravier.org>*
*Skype : ggravier <callto://ggravier>* || *Y! : ggravier 
<http://profiles.yahoo.com/ggravier> || AOL : gillesgravier 
<aim:goim?screenname=gillesgravier>
PGP Key ID : *0x8DE6D026* 
<http://pgp.mit.edu:11371/pks/lookup?search=0x8DE6D026&op=index>
My Last Known Position / Ma Derniere Position Connue 
<http://www.gmap-track.com/user.php?user=ggravier>
"Chastity is its own punishment." (/Solomon Short/) [/David Gerrold/]
"De toutes les aberrations sexuelles, la chasteté est la plus 
aberrante." [Anatole France]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20071104/df565b74/attachment.html>

More information about the ubuntu-users mailing list