Language Selection

English French German Italian Portuguese Spanish

Setting the record straight on sudo

Filed under
Software
Security

I recently read a blog posting that denounced the use of sudo as insecure because of the following (briefly summed up and paraphrased) reasons:

1. The idea that not using the root account is wrong, using root for everything is fine.
2. That using sudo for everything provides a false sense of security over performing an action as root directly
3. That using a user account password to get a root shell is a bad idea
4. That using a root shell is not dangerous, and that this “grave misunderstanding” came from the idea that running X as root is dangerous
5. That sudo has very little place in the Enterprise
6. That relying on sudo is foolish, because it has bugs
7. That everything should be done from a root shell, and that you should have to know the “uber-secret root password” to get that access

My first reaction to this blog posting was that the author had no idea how to use sudo properly or why you would want to. My second reaction was to give a big thank you to Ubuntu and OS X that, by default, provide a password-less root account and give administrators sudo access to everything, which pretty much leads to these kinds of silly anti-sudo articles.

rest here




More in Tux Machines

Red Hat Enterprise Linux 7.3 Beta Adds NVDIMM Support, Improves Security

Today, August 25, 2016, Red Hat announced that version 7.3 of its powerful Red Hat Enterprise Linux operating system is now in development, and a Beta build is available for download and testing. Red Hat Enterprise Linux 7.3 Beta brings lots of improvements and innovations, support for new hardware devices, and improves the overall security of the Linux kernel-based operating system used by some of the biggest enterprises and organizations around the globe. Among some of the major new features implemented in the Red Hat Enterprise Linux 7.3 release, we can mention important networking improvements, and support for Non-Volatile Dual In-line Memory Modules (NVDIMMs). Read more Also: CentOS 6 Linux OS Receives Important Kernel Security Update from Red Hat Release of Red Hat Virtualization 4 Offers New Functionality for Workloads

Ubuntu 16.10 Beta 1 Released, Available to Download Now

The Ubuntu 16.10 Beta 1 releases are now available to download. You know the drill by now: {num} Ubuntu flavors, some freshly pressed ISOs, plenty of new bugs to find and no guarantees that things won’t go boom. Read more Also: Ubuntu 16.10 Beta Launches for Opt-in Flavors, Adds GCC 6.2 and LibreOffice 5.2

Games for GNU/Linux

PC-BSD Becomes TrueOS, FreeBSD 11.0 Reaches RC2

  • More Details On PC-BSD's Rebranding As TrueOS
    Most Phoronix readers know PC-BSD as the BSD operating system derived from FreeBSD that aims to be user-friendly on the desktop side and they've done a fairly good job at that over the years. However, the OS has been in the process of re-branding itself as TrueOS. PC-BSD has been offering "TrueOS Server" for a while now as their FreeBSD-based server offering. But around the upcoming FreeBSD 11.0 release they are looking to re-brand their primary desktop download too now as TrueOS.
  • FreeBSD 11.0-RC2 Arrives With Fixes
    The second release candidate to the upcoming FreeBSD 11 is now available for testing. FreeBSD 11.0-RC2 ships with various bug fixes, several networking related changes, Clang compiler fixes, and other updates. FreeBSD 11.0 is bringing updated KMS drivers, Linux binary compatibility layer improvements, UEFI improvements, Bhyve virtualization improvements, and a plethora of other work. Those not yet familiar with FreeBSD 11 can see the what's new guide.