[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: su question

On Fri, Jul 07, 2000 at 05:28:54PM -0400, Ben Collins wrote:

> sudo alleviates the need for this. I suggest using that where you are
> interested in an easier method. Also, sudo requires a password just like
> su, but caches that access. This means that you can use sudo again within
> like 15 minutes (configurable) without having to type your password again.
> Plus sudo allows you to use your own password, as opposed to the root
> password.

which i think is a bad idea.  if your ordinary user account password
is compromised its just as bad as a root compromise if you have full
sudo privleges (sudo bash). if you only use the real su for gaining
root and performing maintainence then a compromise of your own account
is not an automatic root.  

IMHO of course.  

Ethan Benson

Attachment: pgpDgV7WgwZVG.pgp
Description: PGP signature

Reply to: