[NTLUG:Discuss] Re: SuSE 9 or 9.1 PATH environment changes after su -- some sudo defaults != security?
Chris Cox
cjcox at acm.org
Mon Sep 13 13:49:41 CDT 2004
Bryan J. Smith wrote:
> On Mon, 2004-09-13 at 14:15, Chris Cox wrote:
>
>>Use sudo instead of su.
>
>
> On Mon, 2004-09-13 at 14:23, MadHat wrote:
>
>>Highly recommended by sysadmin everywhere.
>
>
> The problem is that so many sysadmins just setup sudo for full
> root access as well, but so they don't have to type the password
> in. I've seen that in at least 75% of my client setups.
Oh yes... certainly sudo can be the biggest security hole
in the world! Definitely!
>
> Heck, some distros just let you plunk in an username in one config file
> and do this by default! And they provide an example!
Yep... probably should have more commentary on the primary 'example'.
>
> So does this address security any better for the ignorant?
> It's an interesting debate.
For the ignorant... no. Just trying to find a non-su soln
to your problem. I don't like what sudo is doing here... just noting
that it skirts the issue.
More information about the Discuss
mailing list