Hi
1) Once any non-admin learns the root password, everybody knows the root
password. And unless the admin wants to do every trivial admin
activity, the root password must be given out and thus compromized.
2) Root logins are security problems because you can't tell which
human actually logged on in the guise of root. Whom do you fire,
even if you figure out what was done?
3) Sudo(1) allows fine control over which programs a user can run as
any other user.
4) With sudo(1), an authenticated user must reauthenticate to run a
program as another user. (Trusted users need not reauthenticate.)
5) Sudo(1) logs the activity so you will have an audit trail. System
console, and syslog.
Using sudo(1) is a big security win.
In many cases, yes it can be a big security win but the question here
is do you want to the default user to have all administrative access
through his own password?. That makes sense for the typical home user
who owns his system anyway but it doesnt seem to be a big advantage for
any system where system administration is done by other people who want
to limit access to only non-root routine tasks for regular users.
Several programs might not work well with sudo like webmin for instance.
Shell redirection under sudo might not well as expected. ex: sudo ls
/etc > /root/etc.list. If we decide that Fedora Core will be squarely
targeted at the desktop then sudo might work well but otherwise I dont
see it as a generic default solution.
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
