sudo and /etc/sudoers
Smoot Carl-Mitchell
smoot at tic.com
Sat Dec 27 23:46:10 UTC 2008
On Sun, 2008-12-28 at 08:59 +1000, Res wrote:
> On Sat, 27 Dec 2008, Karl F. Larsen wrote:
> sudo -i
> once accepted, type passwd, set a pasword, then use su and enter roots
> password, voila, nowi know a bunch of clowns on here will go " oh no, omg
> how dare you' yeah, right, they can blow it out their ...
> its no more less secure than sudo if you know what you're doing, infact in
> both default formats its more secure, no caching.
I used to do this before sudo. The advantage of sudo is you only have
to remember one password. Also sudo carries your environment around
with you, so you can run superuser commands as needed in the current
directory with the your current environment. I find it handier than
depending on root's environment or remembering what the current working
directory of the root shell is. Running a root shell I think is always
a bit dangerous. Wait until you do something like this inadvertently:
1) Open a root shell with sudo -i
2) cd to / for some reason
3) Work in your regular shell and discover some directory you want to
delete all the files in a protected directory
4) Switch to the root shell and run "rm -rf *" thinking you are in the
correct directory. Oops.....
I am not sure what you mean by "caching". sudo does not cache anything.
It does keep a timestamp file in a protected directory. The only way to
exploit the timestamp file is to be root or have root privileges, so it
presents no security risk.
--
Smoot Carl-Mitchell
System/Network Architect
smoot at tic.com
+1 480 922 7313
cell: +1 602 421 9005
More information about the ubuntu-users
mailing list