[plug] sudo
Dean Holland
speedster at westnet.com.au
Thu Mar 24 21:42:54 WST 2005
Alex Nordstrom wrote:
>
> Although, supposing the attack vector is SSH, any sensible configuration
> should prohibit root logins, which means an attacker would have to
> figure out (1) an SSH-allowed user (2) the user's password and
> (3) root's password. In this respect, sudo is less secure, as it omits
> the third requirement.
Assuming you configure sudo to allow unrestricted access to all
privileged commands.
sudo is useful if you want to give a user/group access to certain
privileged commands without setting the suid bit on that command (which
would give everyone privileged access).
It's also useful if you are using it in a true multi-user environment -
if multiple people have root access and one does something malicious it
makes it tricky to track down who did it if more than one person is
logged in at once as root. With sudo it logs to /var/log/secure.log so
you can smite whoever abuses it, though it is moot if the sudo user has
access to stop/kill syslogd :)
Dean
> ------------------------------------------------------------------------
>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
More information about the plug
mailing list