Who uses SUDO on production machines? [was Re: [NCLUG] Why not Root?]
Michael Milligan
milli at acmeps.com
Mon Mar 19 13:25:23 MDT 2007
John L. Bass wrote:
> I've always removed sudo from security critical production machines.
> I'm currious who installs it for security reasons and why.
In reality, I don't use sudo. I delete it and install a different
program that does the same thing, albeit a subset, for which I have the
source code and has not changed in 10+ years. This is only because the
source has been reviewed by people I trust, whereas I can't say the same
for the sudo code. That's my only security reason, to use (an
alternative) sudo.
I use "sudo" for convenience, for all the reasons Sean covered. It
allows for the root password to be *'d out. You block all attempts to
login as root. It allows for an audit trail to know who changed a
privileged configuration file, restarted a process, etc.. It ultimately
will not stop someone who exploits a flaw in the system to gain "root"
access privileges, either by local exploit, or remote exploit. Sudo
doesn't address that at all.
One thing I think goes without saying is, when using "sudo", you
absolutely _have_ to trust anyone you give sudo access to. Because it's
akin to breakin' eggs with a sledge hammer. There's no granularity to
"root access" on a typical Linux/*nix box.
Regards,
Mike
--
Michael Milligan -> milli at acmeps.com
Acme Professional Services LLC 970-581-9948
More information about the NCLUG
mailing list