James G. Sack (jim) wrote:
Doug LaRue wrote:
** Reply to message from "James G. Sack (jim)" <[EMAIL PROTECTED]> on Tue, 08
Apr 2008 14:21:38 -0700
What is the effective difference in terms of security?
/var/log/auth.log
all sudo commands( logins, failed attamps, commands run, etc ) are
all logged there. But then again, I don't know if or where root logins
and commands/failures/etc get logged on other systems.
Ahh, thanks Doug. I forgot to mention that. Having a complete log of
commands executed via sudo is another benefit of sudo vs running from a
root shell. This is particularly valuable on servers admin'd by multiple
users with sudo rights. Even on a home system, it may turn out handy.
DJA- if you are asking whether there are differences in what can be done
via sudo compared to via a root shell -- that's what sudoers can
control. See
man sudoers
No, I was merely interested in the security differences between them. I
see it's really about logging in the most common uses.
The file /etc/sudoers has some helpful comments within, but I'm sure
there must be [ie, I haven't looked, though] some good tutorials on
configuring sudoer as well.
Regards,
..jim
Thanks. I am already familiar with Sudo and it's use/configuration. I
use it for some limited apps (e.g. shutdown) where I'm too lazy to log
in as root.
--
Best Regards,
~DJA.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
