Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'Sudo over su' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Sudo over su
Authored by: Accura on Dec 02, '02 09:51:41PM

This has been talked about before, i use this hint at home bcause every command typed with sudo on the start is loged, i like to know what i did and why, if you use su -m or sudo tcsh the commands are not loged after that point. I find logs handy and use them all the time

but your all right, it makes your box open for attacks, but being at the computer does that. single user mode, boot with an osx cd and change the root password, take the HD and of course os9.

This is something i like to do personally not for every thing. NEVER EVER use this hint on a server, EVER, its not a very smart thing, a desk top is not so bad but if paranoid dont do this its not worth lying awake at night

[ Reply to This | # ]
Sudo over su
Authored by: ukkarhu on Dec 03, '02 08:37:40AM

What you can do on a server is that you can permit certain users or groups to execute certain commands as root i.e. adding a user or something like that. Sudo is very useful for that and having the NOPASSWD option is good so you can give this access to certain users via a script.

Remember if you use the '%admin' hint, the 'assailant' still has to know the username and password of an 'admin' user to be able to execute commands via sudo as root and if they know an admins password, they will already be logged in and running whatever as root anyway!

[ Reply to This | # ]