
Re: As seen above: use of su vs sudo



On 2018-08-07 at 05:58, Martin Drescher wrote:

> Hi members,
> 
> I'm a little... let's say thoughtful, about the use of 'su' discussed
> at some points in this list. I have a strong opinion about su, which
> is, avoid it whenever it is possible and use 'sudo' instead. This is
> the case in close to 100% of all cases I can think of. This opinion
> is based on how both programs work and deal with PAM and
> environment variables. Not to forget: you will not need to share
> (or in my case, not even set, but lock that account) a root
> password.
> 
> And I'm curious why Debian still prefers the use of su over sudo?

I'm not sure where you get the idea that Debian does prefer that.

For my own machines to date (on most if not all of which I'm the primary
if not sole user, or at least non-remote user), I don't even permit sudo
to be installed. (Or at least I didn't, until I decided I wanted
ubuntu-dev-tools - which depends on it - on one such machine. I may even
revert that decision on further consideration.)

My rationale for doing that is (in crude form) that to permit any
root-level things to be done with an ordinary user's password - even
mediated by a task-limiting mechanism such as I understand /etc/sudoers
to be - is a security hole; not only is an ordinary user's password more
likely to leak (whether by social engineering or by malicious code
running as the user or by anything in between), if you're not trusted to
have the root password in addition to your own, you shouldn't be doing
any root-needing things in the first place.

Over the years, I've moderated that position somewhat, enough to concede
that there may be value in being able to hand out the ability to do some
elevated-access things without handing out the ability to do all of
them. That would just mean I'd want to set up various other (non-root,
non-ordinary) users, with their own passwords and the necessary access
to do those specific things, and hand out those passwords instead. (And
still probably have people use something like 'su -c' instead of sudo,
unless sudo permits requiring the password of a user other than the one
invoking the command.)

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man.         -- George Bernard Shaw
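The closing question above (whether sudo can be made to ask for a password other than the invoker's) and the delegated-account scheme the post sketches can both be expressed in a sudoers fragment. The following is an added example written for this page, not configuration from either poster or from Debian; the group name `backup`, the dedicated account `backupadm`, the file name and the `rsnapshot` commands are assumed for illustration. The `rootpw`, `targetpw` and `runaspw` options are documented in sudoers(5).

```sudoers
# /etc/sudoers.d/50-delegated  (constructed example; all names are assumed)
#
# Which password sudo asks for is a policy setting, not fixed to the invoker:
#   Defaults rootpw    -> always prompt for root's password
#   Defaults targetpw  -> prompt for the password of the user named with -u
#   Defaults runaspw   -> prompt for the password of runas_default (root
#                         unless changed)
# Here only members of the 'backup' group are switched to targetpw, so they
# must type backupadm's password rather than their own.
Defaults:%backup targetpw

# Assumed dedicated, non-root account that owns the backup tooling.  Members
# of 'backup' may run exactly these two command lines as that account and
# nothing else; compare 'su -c "..." backupadm', which needs the same
# password but hands over everything backupadm can do.
%backup  ALL = (backupadm) /usr/bin/rsnapshot hourly, /usr/bin/rsnapshot daily

# Start the elevated command from a scrubbed environment so the invoker's
# PATH, LD_* and similar variables do not follow it.  env_reset is the
# default in current sudo releases; stating it keeps the intent explicit.
Defaults env_reset
```

Install the fragment with mode 0440 and a file name containing no `.` or `~` (sudo skips such files in `sudoers.d`), then check it with `visudo -c -f /etc/sudoers.d/50-delegated` before relying on it; a member of `backup` would then run `sudo -u backupadm /usr/bin/rsnapshot hourly`. The same group could instead be given `Defaults:%backup rootpw` if the intent is the root password itself rather than a per-task account password.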
