Q: about sudo
Hello reader,
I used sudo command on the command line before typing a rm -r command and it ask for my password, which I entered and the instruction would be accepted. Then later I needed super user privaliges again I used sudo again before other commands. But I seemd to still be in my normal account. While I got used to when I first type and return su I thought of to be in super user account. I could also check this because the font letters would a from green to red of the shelt part. I then confirmed more or less I was in my normal user account I typed 'sudo su" and returned gave me super user privileges. I find strange that sudo doesnt need a password. And I don't know why it looked I was still in my normal account. My question is how can I get the sudo command to ask for a password all the timeand how to not put me in my normal account when I use sudo. Please, can someone explain this? Friendly greets |
sudo has a time limit in each term you're in and use sudo - passwd - after that time has expired you must passwd in again.
Code:
su passwd - stays in your environment path Code:
su it's su do you think you are Mr. Big Shot? I am g'root ;) (sung to the tune of, who do you think you are) :D |
The problem with sudo is that it requires your(!) password. If you can, for example, issue sudo su, then you are(!) root!
This is why, on every computer that I have any successful control of, there is only one user in the wheel (which is the traditional qualification that lets you do this). If you need to "sudo anything-of-significance," you must first log in as that user. (Which you can do, by the way, with su username.) |
yeah I forget that part I use same passwd for both, and sudo with no passwd, makes my life easier ;)
|
Quote:
|
Thank you for explaining it.
|
In addition, the default time is 15 minutes. If you want to be asked for a password all the time you need to add the following to the /etc/sudoers file. To edit the sudoers file
sudo visudo Code:
Defaults env_reset,timestamp_timeout=0 |
Quote:
su switches you to a root terminal (or sudo su, if your root account doesn't have a usable password). sudo by default only prompts you for a password every so often, if you run back-to-back sudo commands it should only prompt you on the first one. Pretty sure there's a timeout or similar parameter in /etc/sudoers that you could modify if you wanted to change that behavior. edit: beat to the punch |
Quote:
because in user I do not get that problem, it is only when I need to use sudo I just bypass the passwd is all, when I use su or su - I still got a put a passwd in,, It is just me and my laptop . no one uses it but me, so I do not worry about that . plus no one knows my passwd or that I use the same for root and user but people on LQ now. oops.. they would not provide a sudo NOPASSWD if it wasn't secure . being in root at all times. I've done that too before, did it for a week straight. np I too am not a paranoid personality not to say you are, I do not know you that well to determine that, ;) only that I do not worry about security on this laptop other then my passwd to get in to it. which no one knows. |
Quote:
Quote:
Quote:
Quote:
|
Quote:
|
Problem is if they do get in (which is likely by the sounds if it), they can use your machine to attack others.... that's why we care.
If you were not on the net, it wouldn't matter (to us). |
NOPASSWD is useful for the shutdown command. I wouldn't use it for anything else.
|
so i am the bad guy? I a the enabler? Just because I do not want to type my password in every time I need to use sudo command? I do not think so. Locks only keep honest people out.
|
If you are determined to act as a bot device, have you considered even using an extremely short password?
It won't deter a proper attack, but it will prevent someone submitting a sudo command - just to see if there is absolutely no security. I also suggest you start leaving the front door of your house open, at all times. |
All times are GMT -5. The time now is 08:47 AM. |