[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Sudo ... use or delete?

On Friday, 29 January 2021 12:42:19 -03 tomas@tuxteam.de wrote:
> On Fri, Jan 29, 2021 at 08:12:20AM -0700, Antonio Russo wrote:
> [...]
> > But, more specifically to your question about sudo, let me argue
> > that, at the level of paranoia required to be worried about sudo,
> > you should also be worried about a LOT of other packages [...]
> I do appreciate and use sudo -- for me it reduces embarrasing
> fat-finger mistakes significantly.
> But it's not everyone cup of tea, and to be fair, there's one
> current privilege escalation vulnerability [1] around. It seems
> easily fixable (Debian has a fixed version out, if you do use
> sudo, check with [2]).
> So if you aren't using <foo>, it's wise to not install <foo>.
> Complexity kills :-)
> Cheers
IMHO sudo within itself is not dangerous but the user/admin is. Sudo has
a huge potential to be misconfigured and as a consequence to break down
all and every safety barrier. Sudo is a very good tool - to shoot
oneself into the foot.
Good read: Sudo Mastery by Michael W. Lucas
Cheers to y'all

Eike Lantzsch ZP6CGE

Reply to: