[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gnome CPU Frequency Scaling Monitor nagging for password

On Wed, Feb 03, 2010 at 06:55:34PM -0600, John Hasler wrote:
> Freeman writes:
> > There have been occasional mentions of sudo here, as if it were no big deal. 
> > In my original learning, it is a big deal.  That is, su, not sudo, is "the
> > Debian way,"...
> 
> That's news to me.
> -- 
> John Hasler
> 

Well, in numerous exchanges over the course of years, the case was made to
me and others that sudo can leave apps open to exploitation if not locked
down carefully.

To the extent that NOPASSWD is set and/or that password durations allow
continued commands and/or that users are listed more liberally than they
should be, the system is potentially open to attackers.  If someone gains
your account they can use any app against your root system that sudo will
allow.

The argument was that su is the Debian replacement to sudo specifically for
reason, as far as general use goes.  And that sudo is for Ubuntu users :),
or special use in Debian.

NOPASSWD is set for myself in sudo. But the only apps therein are shutdown,
if/iwconfig & iwlist, cpufreq-set and iptraf.

Anyway, that was part of my upbringing in the Debian universe. And I have
followed it.  However, I'm not inclined to pretend at authority.  I do this
to keep from going insane at my real business which has nothing to do with
cyberspace.  :)

-- 
Kind Regards,
Freeman
Reply to: