Hello
I would like to know if I give a user an ALL privilege in the /etc/sudoers does he become a superuser then? Isn't that risky?
thanks
hicham.
On Fri, Apr 01, 2005 at 04:56:10PM +0000, hicham wrote:
> I would like to know if I give a user an ALL privilege in the /etc/sudoers does he become a superuser then? Isn't that risky?

The user is effectively superuser, yes. However, it's somewhat better, since there's still an active step -- authenticating with your own credentials -- required to switch into privileged mode.
On Apr 1, 2005 12:41 PM, Matthew Miller mattdm@mattdm.org wrote:
> On Fri, Apr 01, 2005 at 04:56:10PM +0000, hicham wrote:
> > I would like to know if I give a user an ALL privilege in the /etc/sudoers does he become a superuser then? Isn't that risky?
> The user is effectively superuser, yes. However, it's somewhat better, since there's still an active step -- authenticating with your own credentials -- required to switch into privileged mode.

Well, it depends on how you set it up. You can set it up to where you have to give *your* password, *root's* password (assuming sudo to root, it's actually the password of whomever you are trying to "become"), or *no* password to use sudo (I believe Fedora's default is your password as Matthew said). Using your password or no password essentially gives the user superuser access, but that does not mean that the user is actually a superuser. This makes things a little better than logging in as root. Logging in as root is discouraged because of some security risks, such as running complex (read: potentially vulnerable) programs due to being logged in (such as any of the programs involved with running X), accidentally or unknowingly running malicious code (something you downloaded, say), and user error (oops, I really didn't want to run "rm -fr /"). As far as these considerations go, using "sudo" is the same as using "su -", so in this sense, the user is not a superuser. A user with sudo privileges must use sudo to do anything that requires superuser privileges, and this can be a little more secure because all sudo activity is logged and the user does not need to know the root password (if so configured). So if you trust the user, then it should be safe to set up. If you require the user's password to use sudo, then if someone comes along while the user is logged in and away from the computer, they will still need a password to use sudo and have superuser privileges. One problem is, the user can do "sudo su -" and then have a root shell, the activities of which are not logged. To echo Mike, look at "man sudo" for more considerations.
Jonathan
To simplify, basically the user has permission to run SINGLE commands as root if he is on the sudoers list. This is safer because (to simplify again) in order to kill off the system, he can't accidentally type rm -rf /boot/vmlinuz-... . He has to precede it with sudo. He can still kill off the system, but only intentionally. :-)
Please don't send HTML to the fedora list. This is a plain text list.
If you can't figure out how to turn off HTML or other rich formatting, please ask.
Thanks guys for this clarification. I'm the user and the superuser of my machine, and I just want to get things done, like the ADSL connection and yum update, without having to type a sudo password each time. Maybe I should give the user just limited privileges to make sure I'm not going to "rm /" everything :)
thanks again hicham.
On Sat, 2005-04-02 at 12:27 -0600, Jonathan Berry wrote:
> On Apr 1, 2005 12:41 PM, Matthew Miller mattdm@mattdm.org wrote:
> > On Fri, Apr 01, 2005 at 04:56:10PM +0000, hicham wrote:
> > > I would like to know if I give a user an ALL privilege in the /etc/sudoers does he become a superuser then? Isn't that risky?
> > The user is effectively superuser, yes. However, it's somewhat better, since there's still an active step -- authenticating with your own credentials -- required to switch into privileged mode.

snip

> superuser privileges. One problem is, the user can do "sudo su -" and then have a root shell, the activities of which are not logged. To echo Mike, look at "man sudo" for more considerations.

Anyone who sets up sudoers to allow that command should be shot.
The idea behind sudo is to allow those users who are trusted to have a limited set of commands to run and to provide for tracking/auditing.
Allowing anyone to use sudo with ALL commands is the same as giving them the root password (and only as secure as their user password). VERY RISKY!

> Jonathan
> Anyone who sets up sudoers to allow that command should be shot. The idea behind sudo is to allow those users who are trusted to have a limited set of commands to run and to provide for tracking/auditing. Allowing anyone to use sudo with ALL commands is the same as giving them the root password (and only as secure as their user password). VERY RISKY!

Hence why I said I wouldn't recommend it. For my own user (as in myself) I have it like that, but not without password. Without password I would only allow for very limited access. If my account would get hacked I wouldn't really like it to be too easy to gain root access. And 'sudo su -' is a wee bit overstated.. try 'sudo bash' or equivalent and you have a root shell. If you have ALL = (ALL) that is.
Mattias
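
An added example, not part of the thread: a small Python check over sudoers rules that flags the grants the posters warn about (ALL commands, ALL without a password, and shell-equivalent commands such as su or bash), while leaving a limited command list alone. The sample rules, user names and the /sbin/adsl-start path are constructed assumptions; aliases, includes and line continuations are not handled.

```python
import re

# Commands that hand back an unrestricted root shell ("sudo su -", "sudo bash").
SHELL_LIKE = {"su", "sh", "bash", "csh", "tcsh", "ksh", "zsh"}

# Constructed sample rules; the users and the adsl-start path are assumptions.
SAMPLE = """\
# constructed sample, not from the thread
alice   ALL=(ALL) ALL
bob     ALL=(ALL) NOPASSWD: ALL
carol   ALL=(root) /bin/su -
hicham  ALL=(root) NOPASSWD: /usr/bin/yum update, /sbin/adsl-start
"""

# user  host = (runas) command-list
RULE = re.compile(r"^(\S+)\s+[^\s=]+\s*=\s*(?:\([^)]*\)\s*)?(.*)$")
TAGS = re.compile(r"^(?:[A-Z_]+:\s*)+")  # NOPASSWD:, PASSWD:, NOEXEC:, ...

def audit(text):
    """Return (user, issue) pairs for risky user specifications."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blanks, comments, Defaults and alias definitions (not expanded here).
        if not line or line.startswith(("#", "Defaults")) or "_Alias" in line:
            continue
        m = RULE.match(line)
        if not m:
            continue
        who, spec = m.groups()
        nopasswd = False  # a tag stays in force for the commands that follow it
        for entry in spec.split(","):
            entry = entry.strip()
            tags = TAGS.match(entry)
            if tags:
                if "NOPASSWD:" in tags.group():
                    nopasswd = True
                elif "PASSWD:" in tags.group():
                    nopasswd = False
                entry = entry[tags.end():]
            if not entry:
                continue
            prog = entry.split()[0].rsplit("/", 1)[-1]
            if entry == "ALL":
                findings.append((who, "all-nopasswd" if nopasswd else "all"))
            elif prog in SHELL_LIKE:
                findings.append((who, "shell:" + prog))
    return findings
```

On a live system, `sudo -l -U <user>` reports what sudo itself will allow for a user, including alias expansion.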