|
Description
I think that the fact that a simple user can perform administrative tasks using its own password with the sudo command is extremely unsafe.
I'd like that administration tasks could be only performed by the root user using su command.
I think that now the only solution is to give the root administrative privileges using the Administration->Users and Groups (i think it's a little bit strange that root doesn't have them by default), and then transform the administrator into a normal user.
Further I think that this problem is ignored by all these users that aren't much involved in unix sistems, and so they have major risks caused by havig the same password to log in and to perform administrative tasks.
Tags:
(none)
Attachments
No attachments.
Duplicates
Comments
|
zarkov wrote on the 14 Mar 08 at 20:15
|
1. Ubuntu is designed to be used with sudo. You can enable root, but that isn’t recommended.
2. Not every user can sudo. By default it’s only the first user.
3. This has been discussed, like, ten thousand times already, and for the user profile Ubuntu is designed for, sudo is the superiour choice.
4. Even if it wasn’t, I can see no security risk. What’h your threat scenario here?
|
|
Auzy wrote on the 15 Mar 08 at 00:30
| |
Agreed, sudo is the better way.
|
|
Eldmannen wrote on the 15 Mar 08 at 02:53
| |
Only the first user can use sudo.
|
|
johan wrote on the 15 Mar 08 at 09:34
| |
I disagree. Sudo is really not good, security-wise. I would prefer to use the su-approach. But on the other hand, this isn't a deal-breaker for me.
|
|
vexorian wrote on the 15 Mar 08 at 16:06
|
It is not really a simple user, it IS the administrator who gets the right to use sudo, he then can implement user accounts for the rest of people.
Root would be a huge step backwards. sudo is better in security since the admin can easily use simple tasks without the root access instead of always using it, and you can add and remove rights from users instead of granting them the whole root password.
|
|
PietroB wrote on the 16 Mar 08 at 09:34
|
I think that the security problem is the following:
If someone steal your password, he can connect to your pc and can also run applications with root privilegies.
I think this is dangerous, there's one password less than in the su approach.
If you can get the sudo and user password different everythig will be better
|
|
Pasto wrote on the 14 Jul 08 at 07:07
|
If someone steals your root password, you are in the same problem. The security risk then, is not sudo, but:
1) giving your password away
AND
2) to be always using the admin account.
-1, sudo is fine.
|
|
Auzy wrote on the 14 Jul 08 at 08:36
|
Actually maybe I should clarify. I think most people look at the difference between SU and Sudo wrongly, that may be why.
There are 2 main problems with not having sudo.
If you don't make admin access convenient, people will use Root 24/7. And yes, theres overwealming evidence thats the case:
- It happened in windows already (everyone set themselves as Administrators, despite there being a power user & limited user option). Thats why Vista uses UAC instead now, which is similar in design to sudo.
- In the old mandrake 7.2 and early Red hat days, they didn't have sudo (or if they did, it wasn't well implemented). Everyone used root (especially since DRI didn't work properly as a limited user).
Secondly, the main one is that you want to minimise the amount of code running as administrator. If you run a whole desktop environment as root, a lot more can be compromised. If you go to firefox for instance, and a dodgy jpg is shown which causes a buffer overflow to occur (and code to be run), it will not only compromise the root user, but the entire operating system. And running as root user, its likely you would check commands online, and want to copy and paste them directly. .
If you dont like the sudo layout, you could always set up a power user account, who has sudo, and don't allow other users to sudo. But the lack of sudo was only ever good on paper. In reality, it is actually a very high security risk.
|
|
dinar wrote on the 22 Jul 08 at 11:37
|
"I think that now the only solution is to give the root administrative privileges using the Administration->Users and Groups (i think it's a little bit strange that root doesn't have them by default), and then transform the administrator into a normal user."
not. this is not only the way. and this is not correct. "administrator privilegies" means privilegy to run "sudo" command. root is already root so he does not have to have administrator privilegies.
this you should do if you want separate password:
1. in "users and groups" set password of root.
2. remove "administrator privilegies" from all users.
3. now(then) you can get root privilegies with "su" command in terminal and then can run from terminal what you want for example "nautilus".
|
|
dinar wrote on the 20 Aug 08 at 13:47
|
this what i said is dangerous...
you can not access from main menu administrative applications if you remove "administrator privilegies" from all users. to set administrative privilegy back you can run su, password, users-admin.
|
Post your comment
|
