Another reason to prefer a real root over sudo

Mark Kirkwood markir at paradise.net.nz
Fri Feb 6 01:53:43 UTC 2009


Res wrote:
>
>
> -I have 2 logins on this box, res and root
> -res cant sudo, nobody can.
> -root has a separate very long and hard password
> -I allow res external ssh access
> -i dissalow root external access
>
> scenario one:
>
> someone cracks res's password, they have my pass so they use sudo and 
> fuck me over rm -rf /  bye bye system
>
> scenario two:
> someone cracks res's password, they have my pass, sudo and get nowhere, 
> oh well they can rm -rf everthing "res" owns *BUT* my system is perfenctly 
> sane and safe because they dont have the ability to delete anything else, 
> sure, once in they can run stuff to try crack root, but im betting they 
> will take years to do so with the pass's I use on root a/c's
>
>
> So, whilst your busy, crying yourself in your drink and reinstalling and 
> trying to find copies of some important data,  I'm shrugging my shoulders 
> and deleting res and re adding res, changing its pass and installing last 
> nights /home/res and going back to watch tele, some 3 minutes later.
>
>   

More likely:

Someone gets access to res's account, installs a keylogger and waits 
until they have your root password. You too will be looking for your 
backups and beer... Once an intruder has local access, all bets are off.

My desktop system is Freebsd, and its setup as you have described. 
However for my Ubuntu laptop, I use sudo, as it is easiest to go with 
how it is setup. I see no purpose in being overly religious about sudo 
vs root.

regards

Mark




More information about the ubuntu-users mailing list