su or sudo su?
suvayu ali
fatkasuvayu+linux at gmail.com
Mon Oct 18 19:30:43 UTC 2010
Hi James and Patrick,
On 18 October 2010 09:40, James Mckenzie <jjmckenzie51 at earthlink.net> wrote:
> Suvayu Ali <fatkasuvayu+linux at gmail.com> wrote:
>>I am not sure how it is insecure, could you elaborate? At least to me
>>giving (limited/full) root privileges to an ordinary user seems a lot
>>more risky.
>
> Which is what you are doing with the file below.
>>
>>The way I understand it if I have the following in my /etc/sudoers
>>file,
>>
>>%<user_group> ALL=(ALL) ALL
>>
> Wow. I would love to be a user on your system. If you understand what sudo does, this would be VERY different. Not to say I would do anything destructive, but access to critical files is exposed to all users, including the default ones and this is a very big security problem. Of course, I expect that you have taken steps to secure your system by changing all default passwords, assigning strong passwords to all users and using /bin/false for all users that are not supposed to log into your system.
>
Okay I see now where I misunderstood you. My system is my desktop, and
I'm the only user. I was thinking of privileges in the context of the
command being executed whereas you were speaking about privileges in
the context of access to all commands.
Thanks.
--
Suvayu
Open source is the future. It sets us free.
More information about the users
mailing list