[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shared root account

On Sat, Jul 07, 2001 at 02:54:27AM +0200, Simon Huggins wrote:
> Any user account that has access to the administrative account if
> compromised can give the attacker the admin account etc.
> sudo here is no worse than having your account compromised, your keys
> sniffed and su really.

the difference is it will take longer, with sudo as soon as your user
passwd is known root is granted, with su they must try to hack with
shell aliases and whatnot.  which may not work if you always type the
full path to /bin/su anyway.  

if your attentive you will probably notice the compromise before you
su to root yourself, in which case you have saved yourself a
root compromise.

i have known people who have had root cracked due entirely to sudo.  

Ethan Benson

Attachment: pgpoiwcwUQB8I.pgp
Description: PGP signature

Reply to: