[plug] Interesting command that may make root access more fun ..

James Laurence Clarke jamesc at global.net.au
Sat May 26 12:41:02 WST 2007 

AFAIK with Ubuntu only the user which you create on the install has sudo
privileges unless you explicitly grant them to another user which you
create, so I don't think it's all that big a security hole, just don't
have a password which you give out or is easy to guess.

With Ubuntu any user can reboot or shutdown from the login screen, but
if you're not running X then you'll have to give them sudo access to
reboot or poweroff if you want them to be able to do it from the command
line.

Mac OS X works in the same way.

James

On Sat, 2007-05-26 at 10:53 +0800, Gavin Chester wrote:
> On Sat, 2007-05-26 at 03:38 +0800, Lyndon Maydwell wrote:
> > Well I guess what I'm saying is that from a security standpoint, if a
> > user has the ability to use 'sudo su' then you must assume that they
> > have full access to your system. It will be too late to retract
> > privileges from them later. Giving them root access will ensure that
> > you're not harboring a false sense of security.
> > 
> > I do advocate the use of sudo, just not indiscriminate use.
> 
> You guys were freaking me out with news of this MASSIVE security
> hole :-( Convenience, be damned! i don't want anybody having that level
> of privileged access other than 'root'. So, I had to test both methods
> and was able to breath easy:
> 
> gavin at linux:~> sudo su -
> root's password:
> Sorry, try again.
> root's password:
> Sorry, try again.
> root's password:
> sudo: 2 incorrect password attempts
> gavin at linux:~> sudo -i
> root's password:
> Sorry, try again.
> 
> This a default install of suse10.1, so bless 'em for looking after
> ignorant users like me ;-) Is it just unsafe with debian-based
> distros, I wonder ;-)
> 
> Gavin
> 
> 
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
-- 
########################################################################
#  +                                                                +  #
# +++ "I can do all things through Christ which strengtheneth Me"  +++ #
#  +                 - Philippians 4:13 (KJV)                       +  #
#  +                                                                +  #
#                                                                      #
# My PBase Galleries:- http://www.pbase.com/jameslclarke               #
#                                                                      #
# Web Site:- http://www.global.net.au/~jamesc                          #
#                                                                      #
########################################################################

More information about the plug mailing list