On 6/20/07, Dan Young <dyoung@xxxxxxxxxxxxxx> wrote:
On 6/19/07, n0dalus <n0dalus+redhat@xxxxxxxxx> wrote: > In what way would it benefit a majority of users? I could be wrong, > but I suspect the majority of Fedora installations only have one > administrator, in which case, sudo actually ends up making things > _less_ secure (it provides another account by which root access can be > cracked). In a "1st user gets sudo" scenario, I'd lock the root account. It wouldn't be _another_ account to crack, it would be a different account.
If that's what you want, can I suggest you propose that as a firstboot option instead then? Currently the proposal seemed to be just "1st user gets sudo", and root is still available. The approach I personally use is to keep the root account enabled, disable root from logging in with ssh/gdm/kdm/xdm, and then use su - from my user account. The options proposed so far are: 1) Provide no option on install/firstboot. Keep the system as is, with nobody in sudoers and users use su - or login as root directly to get root access. 2) Provide the option to put the firstboot created user in sudoers, users use sudo, su - or direct root login to get root access. As I've pointed out earlier, this is not really that helpful. 3) Provide the option to put the firstboot created user in sudoers and disable the root login, users use sudo to get root access. This is the method used in Some Other (TM) distros. To throw a couple of other options into the mix: 4) Provide no option on install/firstboot, but disable root logins in ssh_config/etc by default (after firstboot has been run, so don't do this on an upgrade), users use su - to get root access. 5) Provide an option in firstboot to disable root logins in ssh_config/etc and users can use su - to get root access. Are there other possible options? For 4 and 5, would we want gdm/kdm/xdm root logins disabled? How about vt root logins? The reason for blocking ssh root access is fairly straightforward; it's the only practical method for cracking the root account. Blocking gdm/kdm/xdm is just to discourage users from logging into their desktops as root, which we should be doing anyway. You'd block vt root logins too if you wanted to completely ensure root can only be reached by su -. I'd personally vote for 1, but would also be happy with 4 or 5. n0dalus. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
