Re: Sudo
On Tue, 28 Jan 2020 10:16:18 +0200
Andrei POPESCU <andreimpopescu@gmail.com> wrote:
> On Lu, 27 ian 20, 13:01:17, Patrick Bartek wrote:
> > On Mon, 27 Jan 2020 18:21:30 +0200
> > Andrei POPESCU <andreimpopescu@gmail.com> wrote:
> > >
> > > In the typical sudo setup the root account is locked, so both su and
> > > root logins are disabled.
> >
> > My point is that sudo is more of a security "hole" since it only
> > requires a user's password which in my experience are less secure since
> > most users create short, easy to remember ones.
>
> That assumes the root password of these users would be significantly
> more secure.
Right.
Although, I seem to remember a couple of distros would recommend you
create more secure password, if you entered a poor one, but would still
accept the poor one, if you chose to do so. Can't remember which
distro(s) though.
> Even if it were, once the user account is compromised it would be easy
> to trick users into providing their root password to a fake 'su'.
The biggest security flaw with any OS is the user.
B
Reply to:
- References:
- Sudo
- From: "Harold Hartley" <wheelie207@ownmail.net>
- Re: Sudo
- From: Patrick Bartek <nemommxiv@gmail.com>
- Re: Sudo
- From: Paul Johnson <baloo@ursamundi.org>
- Re: Sudo
- From: Patrick Bartek <nemommxiv@gmail.com>
- Re: Sudo
- From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Sudo
- From: Patrick Bartek <nemommxiv@gmail.com>
- Re: Sudo
- From: Andrei POPESCU <andreimpopescu@gmail.com>