Re: As seen above: use of su vs sudo

To: debian-user@lists.debian.org
Subject: Re: As seen above: use of su vs sudo
From: Martin <keine-eile@online.de>
Date: Tue, 7 Aug 2018 13:47:18 +0200
Message-id: <[🔎] 722f650b-7cad-df7e-884a-d3cb994d6f03@online.de>
In-reply-to: <[🔎] 5B69806D.7050901@fastmail.fm>
References: <[🔎] 9494b29f-b9a2-7f3b-be33-0824df53aea3@online.de> <[🔎] 5B69806D.7050901@fastmail.fm>

Am 07.08.2018 um 13:20 schrieb The Wanderer:
> On 2018-08-07 at 05:58, Martin Drescher wrote:
> 
>> Hi members,
>>
>> I'm a little... lets say thoughtful, about the use of 'su' discussed
>> at some points in this list. I have a strong opinion about su, which
>> is, avoid it whenever it is possible and use 'sudo' instead. This is
>> the case in close to a 100% in all cases I can think of. This opinion
>> is based on how both programs work and deal with pam and
>> environmental variables. Not to forget: You will not need to share
>> (or in my case, not even set, but lock that account) a root
>> password.
>>
>> And I'm curious why Debian still prefers the use of su over sudo?
> 
> I'm not sure where you get the idea that Debian does prefer that.

It is not part of the base install. Besides the statement from Jonathan Dowland earlier.

> For my own machines to date (on most if not all of which I'm the primary
> if not sole user, or at least non-remote user), I don't even permit sudo
> to be installed. (Or at least I didn't, until I decided I wanted
> ubuntu-dev-tools - which depends on it - on one such machine. I may even
> revert that decision on further consideration.)

As a system operator, you need some elevated privileges on a daily basis. How do you do that without sudo?

> My rationale for doing that is (in crude form) that to permit any
> root-level things to be done with an ordinary user's password - even
> mediated by a task-limiting mechanism such as I understand /etc/sudoers
> to be - is a security hole; not only is an ordinary user's password more
> likely to leak (whether by social engineering or by malicious code
> running as the user or by anything in between), if you're not trusted to
> have the root password in addition to your own, you shouldn't be doing
> any root-needing things in the first place.

The point is not, that ONE person needs a root password. All people intended to do privileged things will have to share this password. This is a security nightmare!

> Over the years, I've moderated that position somewhat, enough to concede
> that there may be value in being able to hand out the ability to do some
> elevated-access things without handing out the ability to do all of
> them. That would just mean I'd want to set up various other (non-root,
> non-ordinary) users, with their own passwords and the necessary access
> to do those specific things, and hand out those passwords instead. (And

So you are spreading even more passwords around the world... No.

> still probably have people use something like 'su -c' instead of sudo,
> unless sudo permits requiring the password of a user other than the one
> invoking the command.)

Ok, you have not read the sudo man page, neither understood the concept. And why you do _not_ want to use 'targetpw'. No offence, but you really need to thin about your thesis on privilege management.


Martin

Reply to:

Follow-Ups:
- Re: As seen above: use of su vs sudo
  - From: The Wanderer <wanderer@fastmail.fm>

References:
- As seen above: use of su vs sudo
  - From: Martin Drescher <keine-eile@online.de>
- Re: As seen above: use of su vs sudo
  - From: The Wanderer <wanderer@fastmail.fm>

Prev by Date: Re: Please help with error message
Next by Date: Re: As seen above: use of su vs sudo
Previous by thread: Re: As seen above: use of su vs sudo
Next by thread: Re: As seen above: use of su vs sudo
Index(es):
- Date
- Thread