On Tuesday 10 August 2010 15:03:19 Kevin O'Gorman wrote:

> On Mon, Aug 9, 2010 at 6:18 PM, William Hubbs <williamh@g.o> wrote:
> > On Mon, Aug 09, 2010 at 05:30:40PM -0700, Kevin O'Gorman wrote:
> > > On Mon, Aug 9, 2010 at 1:20 PM, Bill Longman <bill.longman@×××××.com>
> > > wrote:
> > > > I actually prefer "sudo su -" -- as long as I'm giving it away! :o)
> >
> > Afaik, there is no reason for "sudo su -". It should be either
> >
> > su -
> >
> > or, if you are using sudo,
> >
> > sudo -i
> >
> > The disadvantage of "su -" is that it requires the user to know the root
> > password. But, "sudo -i" does the same thing without requiring the user
> > to know the root password.
>
> You either didn't think or didn't actually try it. "sudo su -" needs a
> password, but it's the user password. Running su as root never needs a
> password. Accordingly, this works on a stock Ubuntu with no root password.
>
> "su -" requires the root password unless you're already root, and the root
> password may or may not exist.
>
> I didn't know about "sudo -i" (thanks), but when I tried "sudo -i" it
> immediately asked for a password, for which the user password was
> sufficient. So it's entirely equivalent to but slightly shorter than my
> version. I'll stick with mine because it's made of parts I already know
> and won't forget.
>
> I think that if sudoers don't need to enter passwords, they're still
> equivalent, but I have not tried this.

Sounds to me like he's whinging about sudo and not much else. I find this to
be common, and far too many people advancing the idea can't define to me basic
security concepts. I have also yet to meet someone with a beef against sudo
that can show a fundamental weakness with it, and I'm not talking about an
isolated case of buffer overflow either - that can happen with any software. I
mean a weakness in the methodology of sudo itself.

Many people have a stuck idea in their heads that the root password is a magic
security bullet. In fact, it's no such thing. Like any other password it is
simply something you need to prove you know in order to authenticate
yourself. The major threat by analysis on a workstation is stepping away for a
leak and forgetting to lock the screen. sudo is adequate protection against
this as long as more than 5 minutes have elapsed since the last sudo was run -
the prankster may have access to the machine but still does not know any
password, including yours. A major threat to finding passwords is shoulder
surfing. If one frequently enters the root password, it is equally easy for a
shoulder surfer to find it as to find the user's password. Note that if you
leave your workstation unlocked with a root session open, there is no such
timeout as what one has with sudo.

Additionally, on a shared machine (i.e. server at work), the root password has
to be shared, which is a huge hole in itself due to the difficulty of
communicating the new password when it is changed. It is trivially easy to
communicate a single password for a single user and guarantee it stays secure
(major advances in cryptanalysis excepted).


--
alan dot mckinnon at gmail dot com
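An added example, not code from the thread above nor from sudo itself: a small POSIX shell script that checks the two facts the discussion turns on, whether root has a usable password at all (so "su -" can succeed from a non-root shell) and how long sudo caches a successful authentication (the timestamp_timeout Default, which sudo's documentation sets to 5 minutes when unset). The /etc/shadow entries and sudoers fragments are constructed inline; the function names are my own. On a real host you would read /etc/shadow as root and the output of "sudo -l" or /etc/sudoers instead.

```shell
#!/bin/sh
# Added example (not from the thread or from sudo). Inputs are constructed
# strings standing in for /etc/shadow and /etc/sudoers content.

# Constructed /etc/shadow entries: a stock-Ubuntu-style root whose password
# field is locked ("!"), and a root with a real hash set.
SHADOW_LOCKED='root:!:15462:0:99999:7:::'
SHADOW_SET='root:$6$saltsalt$h4sh0fR00tPassw0rd:15462:0:99999:7:::'

# Constructed sudoers fragments: the usual default (timeout unset, so the
# documented 5 minutes) and a tightened one that prompts on every invocation.
SUDOERS_DEFAULT='Defaults env_reset
%sudo ALL=(ALL:ALL) ALL'
SUDOERS_TIGHT='Defaults env_reset
Defaults timestamp_timeout=0
%sudo ALL=(ALL:ALL) ALL'

# root_password_usable SHADOW_LINE -> prints yes or no.
# An empty field, "*", or anything starting with "!" means password
# authentication for root is disabled, so "su -" cannot succeed from a
# non-root shell. "sudo su -" is unaffected: su run as root skips the prompt.
root_password_usable() {
    field=$(printf '%s\n' "$1" | cut -d: -f2)
    case "$field" in
        ''|'*'|'!'*) echo no ;;
        *) echo yes ;;
    esac
}

# sudo_timeout SUDOERS_TEXT -> prints the effective timestamp_timeout in
# minutes: the last value set in the text, or 5 when none is set.
sudo_timeout() {
    t=$(printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*Defaults.*timestamp_timeout=\([-0-9.]*\).*/\1/p' |
        tail -n 1)
    if [ -n "$t" ]; then echo "$t"; else echo 5; fi
}

# audit SHADOW_LINE SUDOERS_TEXT -> summary of what an unlocked workstation
# leaves exposed: with root's password locked, the only path to root is sudo,
# and the cached credential is the thing to worry about.
audit() {
    pw=$(root_password_usable "$1")
    to=$(sudo_timeout "$2")
    if [ "$pw" = yes ]; then
        echo "root password set: 'su -' works for anyone who knows it"
    else
        echo "root password locked: root only via sudo"
    fi
    if [ "$to" = 0 ]; then
        echo "sudo prompts every time: no cached credential to abuse"
    elif [ "$to" = -1 ]; then
        echo "sudo never re-prompts: cached credential lasts the whole session"
    else
        echo "sudo caches credentials for $to min (run 'sudo -k' before stepping away)"
    fi
}

audit "$SHADOW_LOCKED" "$SUDOERS_DEFAULT"
audit "$SHADOW_SET" "$SUDOERS_TIGHT"
```

The timestamp_timeout=0 setting removes the window the message above describes (the few minutes after a sudo run in which an unattended shell can re-run sudo without a prompt), at the cost of typing the password every time; "sudo -k" drops the cached credential on demand when you keep the default.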