Choosing a distribution

Paul Tansom paul at aptanet.com
Tue Nov 6 14:20:34 UTC 2007


** Mario Vukelic <mario.vukelic at dantian.org> [2007-11-05 20:06]:
<<snip>>
> There is sudo -i and sudo -s, but please see
> https://help.ubuntu.com/community/RootSudo as I will not be available
> 24/7 if you wreck your system ;)

That's handy, I've not spotted those switches before. I've been doing a
'sudo bash' where I haven't had a proper root account to work with.

> > I guess it's just habit, having been a Unix user since the 1980s I
> > find the 'old fashioned' way of becoming root more comfortable.  :-)
> 
> I thought everyone using Unix since the eighties has at least once
> bungled a command line and wrecked his system by needlessly running as
> root. I know I have.
** end quote [Mario Vukelic]

Thankfully I haven't, and whilst I can see some of the reasoning behind
sudo reducing the risk, I don't see it as a major advantage. If I'm
doing some work that requires root privileges I generally find it gets
very irritating having to type sudo before each command. The number of
times I open up a file to edit and then realise that I can't save the
edits because I've not opened with root privileges is no odds to anyone.
I also find it very annoying when the tab completion of commands doesn't
work because of the different environment between a user and root.

The lack of a proper root pretty much stopped me using Ubuntu until
around 6.06. I was having some problems with nVidia drivers on a server
(not graphics, SATA, NIC, etc.) and decided to try Ubuntu Server.  That
started the process of me deciding to ignore the root issue. The other
thing that started my acceptance of Ubuntu was the fact that I could see
it as a good end user desktop, and here I can see the advantages of sudo
to stop people diving in and changing things without thinking.

As far as security goes, I can see more arguments against sudo for
security. By enabling extra accounts to have access to root privileges
via sudo you increase the number of accounts that could potentially be
cracked and hence give the intruder root access. Multiple people with
multiple views on what constitutes a secure password (within your
enforced standards of course). With a single root account that you need a
password to access you have an extra stage to go through and an extra
password to crack before you get root access. As far as knowing the
account name to try to attack, who ever allows root login access except
via the console? By using sudo you have actually opened up accounts that
have root access and are remotely accessible - exactly the opposite of
what a lot of people argue!

I can see the logging advantages, and clearly the problems with handling
a single account/password shared by multiple users is not a good way of
working. What is really needed is a sudo style access that requires a
different password to your usual login password, but different for each
user, and the ability to log even from a root privilege capable shell.

Both the single root account and sudo fail to fully satisfy root access
requirements, but for me, on a single admin box, I tend to prefer a
single root account on the basis of better security. I use sudo for
occasional root access for other people, and then remove that access
when no longer needed (i.e. I don't share the root password). Thankfully
I don't work in a situation that works with multiple admins, otherwise
I'd likely be trying to get sudo to use a different authentication
system to allow separate passwords and customise the history feature,
possibly using a customised shell environment. Hmm.....

-- 
Paul Tansom | Aptanet Ltd. | http://www.aptanet.com/ | 023 9238 0001
======================================================================
Registered in England  |  Company No: 4905028  |  Registered Office:
Crawford House, Hambledon Road, Denmead, Waterlooville, Hants, PO7 6NU



