Uttered n0dalus <n0dalus+redhat@xxxxxxxxx>, spake thus: > Why should we cripple people's ability to administrate their systems > by taking away the root password? If I had to prepend all my commands > with 'sudo' and half of my paths with '/sbin' I'd quickly get > frustrated and give root a password. So put "/sbin" on your normal path. Well, doing a significant amount of work as root does seem to justify sudo'ing into the root account: $ sudo su - But the proper /etc/sudoers entry would let only _your_ account run _only_ that program and require _your_ password to do it. At least you'd get an audit trail entry as you entered the superuser realm. With a root login, you get *nothing*. Was that a hostile root login? You can only hope not. > Just because admins know the root password doesn't mean any malware > that manages to sneak on does too. Putting all the users in sudoers > means that malware only needs to get a user password for root access, > which is usually much easier than obtaining the root password. Not really. To break into a UNIX system, I need to have two items: a valid account name, and a valid password. With the "root" account, I'm halfway there already. > Weak passwords are not sudo's fault, but statistically the more users > in sudoers the easier it becomes to get root access. It doesn't matter > how strong the passwords are. The idea is not to C3 secure the whole environment (that's another show ;-) but to help Aunt Minerva (substitute your favorite non-technical user name here) get help when something gets bungled while in superuser mode. At least there is an audit trail so the help desk can get a glimmer of what was actually done rather than what the semi-inept user thought was being done. The goal, at least of my original posting, was to encourage newbies to use the sudo method for those times they need superuser privilege. Reading the sudo(1) man page gives pause even to seasoned admins and probably drives newbies back screaming to Google.com for another command. Yet, sudo(1) is probably the safest was to superuser command line access for casual admin activity. Thus the need to gently steer newbies to sudo(1) for, maybe, some set of common root commands. Sudo(1) is not intended to outlaw su(8) for real admins and power users. As we try to promote Linux on the desktop and in the home, depending on more casual admins, we need more audit trails, not fewer, so the savy among us can help when disaster ensues. Sudo(1) or su(8) issues aside, disaster _will_ ensue, so why not try for the most well-paved path? Cheers
Attachment:
pgpE3XPFBdmG0.pgp
Description: PGP signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
