hi all..
Michael A. Peters
mpeters at mac.com
Sat Feb 3 10:45:02 UTC 2007
One final note -
Technically, sudo shouldn't even be installed unless you have a genuine
need for it. It is an suid root binary, which means it is always a
potential additional local exploit risk.
suid root binaries should technically only be installed when there is a
genuine need for them.
That being said - I don't personally take the time to remove it, I'm not
that concerned about it on my "single flesh user" systems but I would be
on a multiuser system (where sudo is likely to be more appropriate so
your non root webmaster for example can restart apache)
OK - a few other people have accounts they use when they come to visit
my house, but the only port then can use to remotely log in is ssh - and
that's what the DenyUsers directive in sshd_config is for.
More information about the users
mailing list