sudo versus #
Pastor JW
pastor_jw at the-inner-circle.org
Sat Feb 13 21:21:33 UTC 2010
On Wednesday 10 February 2010 1:43:40 pm Bill Marcum wrote:
> On 2010-02-10, KAYVEN RIESE <kayve at sfsu.edu> wrote:
> >
> > Also, I notice that when Ubuntu gives me those update dialog boxes my
> > root password doesn't work to allow the installation to go forward. This
> > makes me irritated, because it instead wants my normal user password,
> > which for me by design is a weaker password that I use for more things
> > and thus could be more easily cracked. My root password is longer and I
> > use it for less things. Both are immune to dictionary attack, but it
> > bothers me the way this subverts my configuration.
So remember how frustrated and irritated you became trying to install
something as root. Think about it from the point of view of person trying to
hack into your system. He of course first tries the root account and spends
some time trying to find a non-existant password for root. He could then
turn to the users of the machine , my laptop alone has five users, and find
after some time that most of them also don't even have all superuser
privileges move to the nextuser and find his password only to find he has
printing privilege but can't write to root either and likely he doesn't
understand sudo even as well as you do. How much time is he willing to spend
trying all the different frustrating at every turn attempts to break into
root before he gives up and goes to an easier target like the sap who HAS
enabled a root password!
> As you know, by default Ubuntu doesn't have a root password. If you know
> enough to create a root password, you can customize the security in
> other ways. You can edit the /etc/sudoers file to make it require the
> root password instead, or to execute specific commands without requiring
> a password. See "man sudoers".
A very good pro and con description can be found at
https://help.ubuntu.com/community/RootSudo that explains it all way better
than I can. You can fine tune how much privilege each of your users has on
the system. It also shows how to enable and disable the root password.
--
73 de N7PSV aka Pastor JW <n>< PDGA# 35276
http://the-inner-circle.org _Registered Kubuntu User: #27403
http://groups.yahoo.com/group/the_original_inner_circle
http://h.webring.com/hub?ring=universalministr
More information about the ubuntu-users
mailing list