LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-27-2009, 09:54 AM   #16
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 416Reputation: 416Reputation: 416Reputation: 416Reputation: 416

Quote:
OK, but I'll assume that user X who decides to switch from *buntu to sudoless distro Y will be prompted for a root password during install. I have never seen any distro that makes up a root password behind my back - and if one exists, I think I'd rather not have anything to do with it.
At the risk of derailing this thread, what are you on about? Made-up passwords? HUH? What I'm complaining about is that in *buntu, the first user created is, for all intents and purposes, root. And since that is frequently the only account created, there is a much more substantial security risk than having cleanly separated root and user accounts.
Quote:
More sophistry. In the past, I have seen numerous questions about setting up a root terminal or a root file browser. The ultimate evidence that nothing is sacred to the careless user, not even su.
Once again, you're missing the point. If sudo is used properly, normal accounts have access only to very specific commands. However, by default, the *buntu admin user has sudo access to ALL commands. Certainly a careless user can and will abuse root, but *buntu just makes it a lot easier.

Quote:
Once more assuming that your su user has managed to install a system without remembering the root password (s)he submitted during install and that (s)he is happy not to have any control over the system while it is in use. How are you going to install any software without su?
Once again, you are off on some weird tangent about having some unknown root password. That isn't the point. The point is that in *buntu, you bring up synaptic, search for a program, enter the admin password and then a bunch of stuff gets installed. Given the way synaptic works, I suspect very few people actually investigate what dependencies are being installed and are just blindly installing stuff. This is Windows behavior.

Quote:
Only it is windows that imitated the OS X/ linux model, not the other way round.
As far as I can tell, Windows hasn't imitated anybody, at least not with XP and prior. The main problem with the Windows model is that the normal user has admin privileges. Just like the *buntu. Granted, there is a lot more wrong with the Windows model and the *buntu admin user is probably more secure than the Windows equivalent, but in both cases it encourages bad behavior. Namely that a normal user should have admin privileges. That is just wrong.

Anyway, I've had my say and I'm going back to my Slackware induced stupor.
 
Old 06-27-2009, 10:27 AM   #17
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled
Wow! Some heated emotion there. Let's remember we're all on the same team (so to speak ). Anyway thanks to both for your input. I think I'll stick with my original preference though (the Debian et al. method).
cheers,
jdk
 
Old 06-27-2009, 11:06 AM   #18
jay73
LQ Guru
 
Registered: Nov 2006
Location: Belgium
Distribution: Ubuntu 11.04, Debian testing
Posts: 5,019

Rep: Reputation: 130Reputation: 130
Quote:
Anyway, I've had my say and I'm going back to my Slackware induced stupor.
Going back?
 
Old 06-27-2009, 12:18 PM   #19
vap16oct1984
Member
 
Registered: Jun 2009
Location: INDIA
Distribution: RHEL-5
Posts: 174
Blog Entries: 3

Rep: Reputation: 38
Hello gentleman,
i dont think sudo is security rick. It's a great feature of linux.
It restricts the user, limits the user while user can enjoy some
tasks of root too. But its only when when u give permission to user.

You cant believe how its resolves many user related problem in our
organization. I am not sure about other versions of linux but in organization
especially in RHEL i love to use it.

yes one more u must know before using it, u have to be very much sure
what u exactly want to do. And u have good depth knowledge of Sudo as well.

If u look SUDO is not a small think, you can do much more with sudo.

thanks all for discussing its a great. We can develop much more to make our
Linux much more secure.
 
Old 06-28-2009, 09:59 AM   #20
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 416Reputation: 416Reputation: 416Reputation: 416Reputation: 416
Quote:
Originally Posted by jdkaye View Post
Wow! Some heated emotion there. Let's remember we're all on the same team (so to speak ).
jdk

Just so there is no confusion, there is absolutely, positively no animosity on my part towards jay73, and I apologize if I came across as overheated. As far as I can tell we were just having a pleasantly boisterous discussion on the merits of different security models.

Quote:
Originally Posted by jay73
Going back?
Yeah, you got me
 
Old 06-28-2009, 01:44 PM   #21
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,825

Rep: Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408
use what you like su,su - , or sudo
there is a security risk with sudo , BUT there are no conformed exploits using the "prof of concept" as far as i know .
i just prefer to use su and su -

it is kind of like ( what is better Gnome or KDE ) -- that is heated
i use some of both
so just use what you are comfortable with using su / sudo
 
Old 06-28-2009, 02:21 PM   #22
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,453
Blog Entries: 55

Rep: Reputation: Disabled
Who is this woman, Su? Why do I have to get her permission to do things on my computer?
Sudo: a martial art created by lawyers.

Last edited by brianL; 06-28-2009 at 02:22 PM.
 
Old 07-01-2009, 06:18 AM   #23
vap16oct1984
Member
 
Registered: Jun 2009
Location: INDIA
Distribution: RHEL-5
Posts: 174
Blog Entries: 3

Rep: Reputation: 38
Dear All,
Look the security and how good sudo. And how secure it is . what you can do with sudo.
It removes all your doubts and myth about Sudo. Go through this url

http://aplawrence.com/Basics/sudo.html

thanks a lot....
 
  


Reply

Tags
linux


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sudo command not working. rock.k Linux - Newbie 2 02-27-2008 09:26 PM
Sudo Apt-get command use. Mr.Carioca Linux - Distributions 1 02-09-2008 08:05 PM
sudo command boy_to_man Linux - Newbie 1 01-05-2007 02:45 AM
SUDO Command help TPAWired Linux - Software 3 08-15-2005 02:50 PM
sudo command usage??? pagadala_cs Linux - Software 1 12-24-2004 11:13 AM


All times are GMT -5. The time now is 12:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration