Language Selection

English French German Italian Portuguese Spanish

The Perils of Sudo With User Passwords

Filed under
Security

The consensus among new Unix and Linux users seems to be that sudo is more secure than using the root account, because it requires you type your password to perform potentially harmful actions. In reality, a compromised user account, which is no big deal normally, is instantly root in most setups. This sudo thinking is flawed, but sudo is actually useful for what’s it was designed for.

The (wrong) idea is that you shouldn’t use the root account, because apparently it’s too “dangerous.” This argument usually comes from new Linux users and people that call themselves “network administrators,” but has no basis in reality. We’ll come back to that in a moment.

The concept behind sudo is to give non-root users access to perform specific tasks without giving away the root password. It can also be used to log activity, if desired.

Why is there a separate root account anyway?




More in Tux Machines

Running FreeBSD on the server: a sysadmin speaks

For years now, Linux has been all the rage. But in recent times, there have been murmurings among some veterans — long-time users — after the introduction of systemd, the init system that seems to overstep its boundaries. Read more

More tools for creating QR Codes in Linux

In my previous post I showed how to install CuterCode and Qreator, two simple GUI applications for producing QR Codes. I have now found a couple of other GUI applications, Portable QR-Code Generator and QtQR, both of which offer more features than the aforementioned two, such as allowing you to specify the amount of error correction to be incorporated into the QR Code. And now to the two applications …

Read more

today's leftovers

today's howtos