On Wed, Feb 03, 2010 at 06:55:34PM -0600, John Hasler wrote: > Freeman writes: > > There have been occasional mentions of sudo here, as if it were no big > > deal. > > In my original learning, it is a big deal. That is, su, not sudo, is "the > > Debian way,"... > > That's news to me. > -- > John Hasler >
Well, in numerous exchanges over the course of years, the case was made to me and others that sudo can leave apps open to exploitation if not locked down carefully. To the extent that NOPASSWD is set and/or that password durations allow continued commands and/or that users are listed more liberally than they should be, the system is potentially open to attackers. If someone gains your account they can use any app against your root system that sudo will allow. The argument was that su is the Debian replacement to sudo specifically for reason, as far as general use goes. And that sudo is for Ubuntu users :), or special use in Debian. NOPASSWD is set for myself in sudo. But the only apps therein are shutdown, if/iwconfig & iwlist, cpufreq-set and iptraf. Anyway, that was part of my upbringing in the Debian universe. And I have followed it. However, I'm not inclined to pretend at authority. I do this to keep from going insane at my real business which has nothing to do with cyberspace. :) -- Kind Regards, Freeman -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
