On Lu, 09 dec 13, 10:56:22, Gian Uberto Lauri wrote: > > sudo makes it a bit worse. Any user account opens the door to the root > account. Therefore you have to guard a larger perimeter. Could you please elaborate on this? In Debian's default configuration this is simply not true. > > > Furthermore the sudo habit of keeping valid an authentication for a > > > certain amount of time seems like an open door for malicious code > > > injection. > > > > 1. this can be turned off > > It should by default, or the configuration should be more flexible and > interactive. > > Even rewriting the configuration-file-handling-code in sudo could be a > good idea :>. Huh? > > 2. it's still better than having to require a password every time the > > user runs 'sudo <command>', because the net effect would be that most > > would disable the password completely or just leave a 'sudo -i' session > > active for ever (and not lock their screen, etc.) > > Teach them to use a root session that must be handled with exteme > care. I'd rather they work as they own user all the time and just preface with 'sudo' the occasional command that really needs it. You are of course aware that you can configure sudo to only allow specific commands, right? > I have to do X commands as root? I su root, do the X command and close > the session. > > With the off-the-shelf configuration, the simplest thing to do is sudo > bash. Sorry, but I can't see the connection between those two. Besides, logging in as root under X is a big no-no, there are much safer ways to run X programs as root (though I don't remember the last time I needed to do this). > Mine talk about a group with a sysadmin where having "all this > freedom" to sudo lead to a waste and misallocation of resources that > took some *months* to fix. > > Yes, policies should have prevented this, but this use of sudo leads > users to feel less "the danger" that lies beneath using administrative > privileges in a system. It's a psychological barrier that you should > not underestimate. The default configuration doesn't grant privileges to anyone. The sysadmin is responsible for granting additional privileges only to properly trained/responsible/etc. persons. If a trainee cook cuts his (or someone else's) fingers you don't blame the knife (or make them use blunt knifes instead). Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt
Attachment:
signature.asc
Description: Digital signature