Quote:
|
sudo vs su - problem solved for me
sudo is okay for a one-shot. For more I have a script named rootwin, which is (on FC6):
PWD=`/bin/pwd` su -plm -c "xhost +; cd $PWD; gnome-terminal --window-with-profile=Default &" root Root's default terminal has a coral background, so can't mistake it. Type the password once. (Had to do something slightly sneakier on ubuntu 9.10, I forget what, but same idea). We use rootwin a lot. |
An easily customizable alternative /etc/sudoers file for Slackware providing some pretty convenient administrating privileges to those in the root group without them having to have the root password:
Code:
# sudoers file. An alternative package for sudo, enabling all of the insults: sudo-1.7.4p6-x86_64-1ram.txz |
I work full time on Linux since 1998 and strictly login AND work as root
that keeps me awake and forces me to pay attention to what I do important to me because all my remote controlled servers also need to be managed |
sudo is useful for machines with users needing occasional privilege elevation. Disabling root access completely and forcing admin users to repeatedly type their passwords is not only less secure it is also time consuming, particularly when performing many short commands at intervals.
Disabling any remote root logins, limiting login attempts, hardening the system, timing out idle root sessions and using strong passwords (or alternately ssh keys) is far more secure and time effective. Regarding admins with root access leaving the organization... isn't it about time you changed the root passwords anyway? Or is turnover really that high? ;) |
The only that I have for the sudo command is so that I can shutdown my computer from a fluxbox menu.
In almost all other cases I use the su command if I need root privileges. On very rare occasions I log in as root. |
against sudo/su: allows to gain root from a compromised otherwise non-privileged user account (Owl)
Quote:
The designers of the secured OpenWall GNU/*/Linux distro have also expressed critical opinions on `su` (for becoming root) and `sudo`. You might be interested in reading this thread: [...unfortunately both su and sudo are subtly but fundamentally flawed.](http://www.openwall.com/lists/owl-users/2004/10/20/6): Quote:
> Yes, it used to be common sysadmin > wisdom to "su root" rather than login > as root. Those few who, when asked, > could actually come up with a valid > reason for this preference would refer > to the better accountability achieved > with this approach. Yes, this really > is a good reason in favor of this > approach. But it's also the only one. ...(read more) In their distro, they have ["completely got rid of SUID root programs in the default install"](http://www.openwall.com/lists/oss-security/2010/11/08/3) (i.e., including `su`; and they do not use capabilities for this): > For servers, I think people need to > reconsider and, in most cases, > disallow invocation of su and sudo by > the users. There's no added security > from the old "login as non-root, then > su or sudo to root" sysadmin "wisdom", > as compared to logging in as non-root > and as root directly (two separate > sessions). On the contrary, the > latter approach is the only correct > one, from a security standpoint: > > http://www.openwall.com/lists/owl-users/2004/10/20/6 > > (For accountability of multiple > sysadmins, the system needs to support > having multiple root-privileged > accounts, like Owl does.) > > (For desktops with X, this gets > trickier.) > > You also absolutely have to deal with... BTW, they were to replace `sulogin` with [`msulogin`](http://www.ohloh.net/p/msulogin) to allow the setup with multiple root accounts: `msulogin` allows one to type in the user name also when going into the single user mode (and preserve the "accountability") (this info comes from [this discussion in Russian](http://www.opennet.ru/openforum/vslu.../73378.html#24)). |
Sudo 99% of the time, root rarely if ever.
I professionally admin boxes (AIX, IRIX, Linux, FreeBSD, OpenBSD, and Solaris) and follow the same practices on all of them. Always run with the minimum possible permissions, never allow SSH as root. Been doing OS and DB support since before Linux, will continue doing it long after. Even before sudo, it was always the same. Use a 'vanity' account (named user) unless for some reason it is impossible to do so (ultra rare). |
Wow! Almost half the people are wrong!
|
Quote:
su & su - ### is great BUT not for ALL and EVERY situation sudo ### can open up a hole but is BETTER for some situations log in as root ### good for a few things BUT not for others use what IS BEST for the situation and need . |
Quote:
Unless you mean that "ALL=(ALL:ALL) ALL" type stuff Ubuntu likes to use, which is perhaps just almost the same as logging in as root really. If I use sudo on a machine, it's a ton more restrictive for general users. |
Quote:
That's a key requirement to logging in as root, which is removed when one uses sudo. Additionally, it's very difficult to properly secure sudo such that it gives only the functionality desired. For instance, cp/tar/chown/chmod/etc. can all be used to completely own the system if the following is true: 1) I have login to an unprivileged user 2) I have that user's password (if required for the user to sudo) 3) that user is allowed to sudo any one of those commands as root (and they're not completely 100% spelled out) sudo is VERY powerful, VERY confusing, and VERY often misconfigured. Give me any command where I can write a file as super-user, and your system is mine. Give me any command where I can leak information reserved to a super-user, and your system will probably be mine. And in both of these cases, the audit trail can't even be trusted (unless you log it off the box... you DO log to a separate machine, right?). Please note: I don't sit on one side or the other of this debate. I know what I use, and I am comfortable with it. There are tradeoffs that will always apply, and make some security objectives unattainable, while providing others. The best you can do is lock down what you can lock down, mitigate what you can mitigate, and keep a vigilant eye towards your systems for any type of suspicious activity. But that's all common knowledge (I think). |
Quote:
|
Quote:
I'll agree that most people don't configure *most* things properly. I disagree that sudo is difficult to secure :) This, btw, is the difference between "your neighbor's kid who uses linux" and a professional 80-100k/year sysadmin. Someone on my team here would be fired immediately for something most "good with linux" people wouldn't even notice or care about. Of course, properly secured systems also limit logins to the very fewest possible people, and audit(tripwire, whatever you like to use) every single thing they do. Even things like someone who has permissions modifying a system without proper change control will result in dismissal. Su/sudo by themselves are nothing without the proper framework to fix the underlying *social* issues. Someone caught logging into root bypassing sudosh or other logging measures would be fired on the spot. For desktops though, the main focus of this forum, the default user having sudo with everything is really no different from having root. |
every admin has a own user over ldap. nobody knows root password.
if a admin need privilege access, they can use su - and if the user in the right group then he has root privilege it's not the wheel group is for every server-group other and will managed over ldap. every su - will be reported to the moste admin that they know a root is working on a maschine. |
All times are GMT -5. The time now is 06:15 PM. |