On Lu, 09 dec 13, 09:09:11, Gian Uberto Lauri wrote: > > What are the benefits of The "Macintosh/Ubuntu" use of sudo? Improved > security? Are you kidding? Whatever the user I compromise I have root > access, just type "sudo bash". sudo doesn't make this worse, just slightly easier. Compromising any user account used for getting root is equivalent to getting root on the system. > Furthermore the sudo habit of keeping valid an authentication for a > certain amount of time seems like an open door for malicious code > injection. 1. this can be turned off 2. it's still better than having to require a password every time the user runs 'sudo <command>', because the net effect would be that most would disable the password completely or just leave a 'sudo -i' session active for ever (and not lock their screen, etc.) > And if this not enough, sudo may become disruptive on machines with > several users, unless all of them have the required skills (included > the one of stopping and asking advice!) and common administration > policies are accepted by all. Sorry, but I don't think it's fair to blame 'sudo' for the fact that the system administrator granted sudo privileges to the wrong users. You can't solve social problems by technical means. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt
Attachment:
signature.asc
Description: Digital signature