[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: As seen above: use of su vs sudo

The Wanderer (2018-08-07):
> I don't consider that a significant downside;

Maybe your uses are too limited for you to experience it.

>						in some contexts, it may
> even be an advantage.

No, it may not. With sudo, adding "sh -c" allows to emulate su's
behaviour. On the other hand, su cannot emulate sudo's behaviour at all.

> An inclination in the direction of doing that would be a mark against
> that user being considered sufficiently trustworthy to have the elevated
> access to begin with.

I was referring to the real world, not wishful thinking.

> > Anyone who learns the user's password can obtain the second password 
> > pretty easily.
> How so?

Just insert a fake su in their path. There are more subtle ways.

> There's a point there, but I do consider the rest of the system (beyond
> just the user's account) to be something worth securing, even on a
> single-user system.

Maybe. But it does not need to be *more* secure than the user's account.


  Nicolas George

Attachment: signature.asc
Description: Digital signature

Reply to: