SSH hacked?

Ioannis Vranos ivranos at freemail.gr
Fri Jan 16 12:47:01 UTC 2009 

Knapp wrote:
> 
> 
> At first I thought that was a great idea, but then I thought that has 
> been done and it is called root.
> 
> 
>     - sudo 'expires' so that a half an hour later you aren't still root
>     when you throw out that folder you don't need anymore...
> 
> 
> Yes, but you still need to type sudo to do anything really dumb. Also I 
> mostly toss stuff with the gui {trash stops most stupidity} as a none 
> root user. As a home users there really are not many root files that get 
> edited and tossed out, ever. Updating is about the only common root 
> activity on a home computer after the first install is done and the week 
> after that, were you tweek everything.
>  
> 
> 
>     Brian
> 
> 
> I am not trying to say my way is right or best but just simply common 
> because it is easy to do it that way. As a home user, ease of use and 
> laziness come first. Sad but true. Any system made for home users must 
> come to terms with this fact. As a home users, I want simple fast and 
> easy but of course bleeding edge with massive power. LOL

Windows Vista/7 also come with UAC.

Also not all user accounts can become root with sudo. AFAIK their 
account privileges must include the "Administer the system" option.



 From the web:

"Benefits of using sudo

Some benefits of leaving root logins disabled by default include the 
following:

     * The Ubuntu installer has fewer questions to ask.
     * Users don't have to remember an extra password (i.e. the root 
password), which they are likely to forget.
     *

       It avoids the "I can do anything" interactive login by default 
(e.g. the tendency by users to login as an "Administrator" user in 
Microsoft Windows systems), you will be prompted for a password before 
major changes can happen, which should make you think about the 
consequences of what you are doing.
     *

       sudo adds a log entry of the command(s) run (in 
/var/log/auth.log). If you mess up, you can always go back and see what 
commands were run. It is also nice for auditing.
     *

       Every cracker trying to brute-force their way into your box will 
know it has an account named root and will try that first. What they 
don't know is what the usernames of your other users are. Since the root 
account password is locked, this attack becomes essentially meaningless, 
since there is no password to crack or guess in the first place.
     *

       Allows easy transfer for admin rights, in a short term or long 
term period, by adding and removing users from groups, while not 
compromising the root account.
     * sudo can be setup with a much more fine-grained security policy.
     * The authentication automatically expires after a short time 
(which can be set to as little as desired or 0); so if you walk away 
from the terminal after running commands as root using sudo, you will 
not be leaving a root terminal open indefinitely".

More information about the ubuntu-users mailing list