sudo and /etc/sudoers
crp at cmc.net
Wed Dec 31 04:27:41 GMT 2008
Smoot Carl-Mitchell wrote:
> On Tue, 2008-12-30 at 08:20 -0500, Mark Haney wrote:
>> Sudo is not only important, it's vital for secure consistent and
>> granular control of root permissions for users. Without it, you can't
>> manage controls OR figure out who did what if an audit trail is needed.
> Amen to this. sudo is not perfect in these regards, but it is a heck of
> a lot better than running root shells which until sudo came along was
> the only way to manage Unix systems. Security experts have known for a
> long time the weakness of having uid "0" be a "special" account. Check
> out the kernel sources sometime and see how many places there are checks
> to see if the effective userid is zero.
> Ideally, there would be no "root" account. Access privileges would be
> controlled by a more granular system. sudo is an attempt to implement
> such a system on top of the imperfect uid "0" system.
You just jogged me out of my complacency with the uid 0 information
there. Tell me if there is a problem with the following information
gleaned from System Monitor.
/usr/bin/ssh-agent /usr/bin/seahorse-agent --execute
x-session-manager (this is the command line for ssh-agent)
/usr/bin/X :0 -br -audit 0 -auth /var/lib/gdm:0,Xauth -nolisten tcp
vt7 (this is the command line for Xorg)
watchdog/0 (I searched for this package in synaptic, and it claims
this isn't installed)
/usr/bin/seahorse-agent --execute x-session-manager (same as first
line, but without ssh running it)
nautilus --no-default-window --sm-client-id default2 (I do not have
Nautilus running...why is this there?)
migration/0 (what is this?)
ksoftirqd/0 (don't know what this is either??)
kondemand/0 (this one is another mystery to me...)
kblockd/0 ( also don't know what this is)
hald-addon-storage: polling /dev/sdc0 (every 16 secs)
hald-addon-storage: polling /dev/sde (every 16 secs)
hald-addon-storage: polling /dev/sdc (every 16 secs)
hald-addon-storage: polling /dev/sdb (every 16 secs)
hald-addon-storage: polling /dev/sdd (every 16 secs) [why are my drives
being polled every 16 seconds?]
gnome-panel ---sm-client-id default1 [I note that this client id differs
from the one shown for Nautilus above]
I also have a getty process running on tty1 through tty6, should all of
those be running?
dcopserver [kdeinit] --nosid --suicide (what the heck is this?)
Terminal command sudo fdisk -l report s the following for my drive which
Device Boot Start End Blocks Id System
/dev/sda1 * 1 5197 41744871 7 HPFS/NTFS
/dev/sda2 5198 19457 114543450 f W95 Ext'd (LBA)
/dev/sda5 5198 7224 16281846 7 HPFS/NTFS
/dev/sda6 7225 12992 46331428+ 83 Linux
/dev/sda7 12993 15529 20378421 7 HPFS/NTFS
/dev/sda8 15530 16804 10241406 7 HPFS/NTFS
/dev/sda9 16805 19457 21310191 7 HPFS/NTFS
I don't know where it's getting the idea that sda2 is a win95 file
system as I've never had 95 on this machine, it came with Win XP home on it.
There is no Linux swap shown, as I'm using a swap file, due to my
neglecting to have set up a swap partition during a re-install of Ubuntu.
I'm aware that ssh is used for secure connections over a network, but
I'm on a standalone machine here, with only a DSL connection to the
Internet, so who's using ssh?
I'm concerned because when I first started using Ubuntu it was very
snappy, with no delays when switching programs, and now it has developed
the habit of graying out whichever program I am changing to quite
frequently, which is beginning to annoy me mightily.
Does anyone see any problems with the above command lines?
By the way, sorry to jump in on this thread, but that information about
root being uid 0 got me concerned with all the 0 parameters in the
command lines that are running here.
Thanks for any help you can be with helping this relatively new Ubuntu
user to understand what is running on his system.
Later, Ray Parrish
http://www.rayslinks.com/ Web index of human reviewed links.
Trouble shooting and Fixing Windows
http://www.writingsoftheschizophrenic.com My poetry in web pages
More information about the ubuntu-users