
Re: sudo security Was: Reporting missing package during install



On Tue, 2013-12-10 at 12:08 +0100, Gian Uberto Lauri wrote:
> Or not, at least until someone else wants your cpu-power, and in that
> case you could find yourself left with no other option than "cutting
> the cables" and reinstall.

It's not CPU power I would notice or that would cause issues. Many
people drop Internet on audio production environments completely.
However, indeed there are moments each day when I wouldn't notice an attack.
I'm not the police, so if the NSA or a spam mafia should misuse my PC
and I wouldn't notice it, bad luck, but not for me. If somebody would
break my Linux, I would restore it from a backup.
That's about security in general.

I don't understand why sudo should be less safe. For Arch Linux there
are no defaults, the user has to edit all the settings. For Debian there
is a default and Debian is known to be a secure distro, so it seems to
be unlikely that the default sudo on Debian will make it less secure.

I still do not understand what exactly is more secure by using su, than
when having both su and sudo or only sudo.

For servers with many users there are for sure books written on how to make
them as secure as possible. For my PC and many other home PCs there is
zero need for much security. If I would need a computer for data that
should be safe, I would use a computer that never is connected to the
Internet.

AFAIK for the multi-user-system the biggest issues are USB ports and
optical drives. As long as users can chroot using a live CD there's no
need to care about su or sudo anyway.

Perhaps somebody with real server experience with real
multi-user-systems could enlighten us, if sudo does cause any issue and
why Debian anyway decided to make it a default.

Regards,
Ralf

