cl at isbd.net
Thu Jan 15 14:52:34 UTC 2009
On Thu, Jan 15, 2009 at 09:31:32AM -0500, Mark Haney wrote:
> Chris G wrote:
> > It's one of the reasons I don't use sudo (no one has any sudo
> > privileges) on my system. I also have ssh root access disabled.
> > So, to get root access, an attacker using ssh has to first guess my
> > (or another user) password and then guess the root password.
> > (In addition ssh is only allowed from a few IP addresses but that's
> > irrelevant to my comment above)
> So basically, you have a typical secure linux setup, where to do any
> thing with root, you have to log in as root?
Yes, simple! :-)
> For me, that's the most secure method of managing a system. Granted, it
> isn't the most /convenient/ at times, but that's a sacrifice I'm willing
> to make on the internet facing systems I have to manage.
I personally find using sudo inconvenient. Maybe it's just a history
of having worked on Unix (HP and Solaris) systems for so many years
but sudo just seems like a workaround to me.
More information about the ubuntu-users