Re: sudo password vs. login

To: Felipe Sateler <fsateler@gmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: sudo password vs. login
From: "Roberto C. Sanchez" <roberto@familiasanchez.net>
Date: Mon, 29 May 2006 13:34:19 -0400
Message-id: <[🔎] 447B309B.7080809@familiasanchez.net>
In-reply-to: <[🔎] e5f62l$sal$1@sea.gmane.org>
References: <[🔎] 142682e10605280722y11efbf2dlf85da23c143bbe01@mail.gmail.com> <[🔎] 447A14F0.6040905@familiasanchez.net> <[🔎] e5f62l$sal$1@sea.gmane.org>

Felipe Sateler wrote:
> Roberto C. Sanchez wrote:
> 
> 
>>I like the approach which SuSE takes.  It requires the *root* password
>>to use sudo, not the user's password.
> 
> 
> But then when you want to revoke the privilege of any user, you'd have to
> change the root password, instead of only removing a line from the sudoers
> file.
> 

That is a good point.  On the flip side, though, you should change the
root passowrd anyway when removing someone from sudo access, since you
have no idea if they even have the root password.  They had access to
the shadow file (if you use that on your system) and probably plenty of
time to crack it.

-Roberto

-- 
Roberto C. Sanchez
http://familiasanchez.net/~roberto

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: sudo password vs. login
  - From: John Hasler <jhasler@debian.org>

References:
- sudo password vs. login
  - From: "Joseph Smidt" <jsmidt@byu.edu>
- Re: sudo password vs. login
  - From: "Roberto C. Sanchez" <roberto@familiasanchez.net>
- Re: sudo password vs. login
  - From: Felipe Sateler <fsateler@gmail.com>

Prev by Date: Re: sudo password vs. login
Next by Date: CHECKSUM finding software to do it.
Previous by thread: Re: sudo password vs. login
Next by thread: Re: sudo password vs. login
Index(es):
- Date
- Thread