-   Linux - Security (
-   -   Security with regards to wheel group, and sudo users. (

jdaw 10-17-2008 12:12 PM

Security with regards to wheel group, and sudo users.
if I add a user (my personal account) on a server to the "wheel" group
usermod -G wheel username

and un-comment the line in visudo ...

# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL

does this create a security vulnerability? Also, is that the best way to make my user account privileged?

Thanks for your time, and I look forward to your responses.

mallux 10-17-2008 04:26 PM

That depends how you see a "vulnerability". Yes it will make your system less secure, by definition, because you are allowing more people (i.e. you) to do privileged stuff that they previously weren't allowed to. But providing you keep your password secure (since it is now effectively equivalent to the root password) it shouldn't be too much to worry about; this is more or less how Ubuntu is shipped by default.

Hangdog42 10-18-2008 08:13 AM

The use of sudo is definitely the way to make your account priviledged, but if you're worried about security, using the wheel group may be overkill. The most secure way to use sudo is to allow priviledges to specific commands. For example, if you only want root priviledges to shut down, grant sudo access to the shutdown command only. That way if your account were to get compromised, the attacker would only have root access to the shutdown command instead of all commands.

Tinkster 10-18-2008 12:56 PM

Moved: This thread is more suitable in <Linux - Security> and has been moved accordingly to help your thread/question get the exposure it deserves.

jdaw 10-20-2008 07:31 AM

Thank you very much. I appreciate all of your input!! I'll have to agree with both of you that the wheel group is probably a bit much, I'll look into allowing only certain commands. Also I'll have to look into what I did, because by adding my personal account to the wheel group, and un-commenting that line in 'visudo' I was still not able to execute many root type commands. I tried looking at fdisk -l and ifconfig, and got a bash error on both attempts. Any thoughts on something I may be missing? I did log out, and close the ssh connection, and log back in to try again to no avail. I sincerely appreciate your support! Thank you again!

Hangdog42 10-20-2008 08:29 AM

If you post the bash errors, we can be a lot more helpful. But off the top of my head, check your PATH environment variable. Some common directories for admin functions (like /sbin) might not be there.

All times are GMT -5. The time now is 11:31 AM.