On Tue, Mar 2, 2010 at 9:24 PM, David C. Rankin <drankinatty@xxxxxxxxxxxxxxxxxx> wrote:
> On 03/01/2010 05:03 PM, Ray Kohler wrote:
>> What would worry me is things like JavaScript exploits and worms -
>> things that you download and then run as yourself, whether
>> intentionally or not. A password prompt will block malware like that,
>> but with no password, you just get owned in one step.
>
> How would this be any different than 'sudo' configured to allow members of the
> wheel group to sudo w/o a password?
>
> Same answer - data prevails - set sudo to require a password? I have run servers
> for more than a decade with sudo/wheel group access enabled w/o a password - no
> problems. May have just been lucky :p
>
> Ray, all - any different thoughts about sudo w/o a password compared to su? Or
> same answer, with no password, you just got owned in one step :p

Yes, same answer, you get owned. In fact, even with a password required, the
"5 minute grace window" for sudo does you in - some bad guy just keeps trying
to sudo, until you do it legitimately, thereby allowing it freely for 5
minutes, and then he's got root.

What I actually do, myself, is to not install sudo at all, and just use su. I
also uncomment the pam line that requires wheel membership to su. In order to
make su a little more comfortable, I do this:

    alias su='su -m'
    # sr CMD ARGS...  runs one command as root via su, keeping the environment (-m)
    sr () {
        /bin/su -m -c "$*"
    }

I only recommend doing away with sudo if you're the only person who has root
on the machine. For multiple users needing such access, sudo's fine-grained
controls are well worth it, and prevent you from having to hand out the root
password every time it gets changed.
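As an added example (not code from anyone in this thread), here is a small POSIX shell audit of the three settings argued about above: whether a sudoers file lets anyone run sudo without a password, what the credential-cache timeout ("grace window") is, and whether the pam_wheel line in a PAM su config is active. The sudoers and pam.d/su files at the bottom are constructed samples showing the weak setting beside the hardened one; the 5-minute fallback is sudo's upstream default when timestamp_timeout is unset (an assumption: distributions may build with a different default), and the parser assumes standard sudoers and Linux-PAM syntax in a single file.

```shell
#!/bin/sh
# Added audit helper; not code from the mailing-list thread. It reads a sudoers
# file and a PAM su config given as arguments and reports the settings the
# thread discusses, so it can be run offline against the constructed samples.

# Strip comments and blank lines from a config file.
strip_comments() {
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1"
}

# Print every sudoers rule that lets sudo run without a password:
# user specs tagged NOPASSWD and a "Defaults !authenticate" line.
sudoers_passwordless_rules() {
    strip_comments "$1" | grep -E 'NOPASSWD|Defaults.*!authenticate' || true
}

# Print the effective timestamp_timeout in minutes. The last Defaults line that
# sets it wins; if none does, assume sudo's upstream default of 5 (assumption:
# a distribution may compile in a different default, which this cannot see).
# 0 means a password on every sudo; a negative value means the cache never expires.
sudoers_timeout() {
    _t=$(strip_comments "$1" \
        | sed -n 's/^[[:space:]]*Defaults.*timestamp_timeout=\(-\{0,1\}[0-9][0-9.]*\).*/\1/p' \
        | tail -n 1)
    echo "${_t:-5}"
}

# Print "yes" if the PAM su config has an uncommented line making pam_wheel.so
# required (non-wheel users cannot su at all), otherwise "no".
pam_wheel_required() {
    if strip_comments "$1" \
        | grep -Eq '^[[:space:]]*auth[[:space:]]+required[[:space:]]+pam_wheel\.so'; then
        echo yes
    else
        echo no
    fi
}

# Summarise one sudoers/pam.d pair as a single line of findings.
audit() {
    _rules=$(sudoers_passwordless_rules "$1" | wc -l | tr -d ' ')
    echo "passwordless_rules=$_rules timeout=$(sudoers_timeout "$1") wheel_required=$(pam_wheel_required "$2")"
}

# ---- constructed sample configs (not real files from any system) ----
SAMPLES=$(mktemp -d)
trap 'rm -rf "$SAMPLES"' EXIT

cat > "$SAMPLES/sudoers.weak" <<'EOF'
# passwordless wheel, and the default 5-minute grace window
Defaults    env_reset
%wheel  ALL=(ALL) NOPASSWD: ALL
EOF

cat > "$SAMPLES/sudoers.hard" <<'EOF'
Defaults    env_reset
Defaults    timestamp_timeout=0   # ask for a password on every sudo
%wheel  ALL=(ALL) ALL
EOF

cat > "$SAMPLES/su.weak" <<'EOF'
#auth       required    pam_wheel.so use_uid
auth        sufficient  pam_rootok.so
auth        include     system-auth
EOF

cat > "$SAMPLES/su.hard" <<'EOF'
auth        required    pam_wheel.so use_uid
auth        sufficient  pam_rootok.so
auth        include     system-auth
EOF

audit "$SAMPLES/sudoers.weak" "$SAMPLES/su.weak"  # passwordless_rules=1 timeout=5 wheel_required=no
audit "$SAMPLES/sudoers.hard" "$SAMPLES/su.hard"  # passwordless_rules=0 timeout=0 wheel_required=yes
```

The audit only reads the one file it is given: rules pulled in through #includedir or @include are not followed, so on a real host run it over every fragment in /etc/sudoers.d as well, and treat `visudo -c` as the authority on whether the file parses at all. Setting timestamp_timeout=0 is the sudoers-side answer to the grace-window concern raised above, since it removes the cached credential rather than shortening it.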