Uttered n0dalus <n0dalus+redhat@xxxxxxxxx>, spake thus: > I know other distributions do this, but I don't think it is a good > idea. Adding the first user to /etc/sudoers means that any malware > only needs to get that user's password, or get itself to run after you > use sudo, and then it gets root access. > > I don't see what is wrong with using su. 1) Once any non-admin learns the root password, everybody knows the root password. And unless the admin wants to do every trivial admin activity, the root password must be given out and thus compromized. 2) Root logins are security problems because you can't tell which human actually logged on in the guise of root. Whom do you fire, even if you figure out what was done? 3) Sudo(1) allows fine control over which programs a user can run as any other user. 4) With sudo(1), an authenticated user must reauthenticate to run a program as another user. (Trusted users need not reauthenticate.) 5) Sudo(1) logs the activity so you will have an audit trail. System console, and syslog. Using sudo(1) is a big security win. Unfortunately, the man(1) page is a bit confusing for newbies and using su(8) seems so convenient. But with a small setup step, I can safely allow: $ sudo rpm -Uvh /path/to/a/package to be run by a trusted user because I'll get notices about it the attempt, its success or failure, as well as getting a record about what command line was used. HTH
Attachment:
pgp8jKkXbbkUD.pgp
Description: PGP signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
