Re: Adding OpenBSD sudo to the FreeBSD base system?

From: asym (bsdlists_at_rfnj.org)
Date: 07/21/05

  • Next message: Stephen Major: "FW: Adding OpenBSD sudo to the FreeBSD base system?"
    Date: Thu, 21 Jul 2005 16:19:55 -0400
    To: Kurt Seifried <listuser@seifried.org>, <freebsd-security@freebsd.org>
    
    

    At 16:09 7/21/2005, Kurt Seifried wrote:
    >Uhh you people realize sudo is COMPLEMENTARY to su? All my Linux and
    >OpenBSD systems (wait for it.....) have _both_ installed by default. Crazy
    >huh? Some example commands:
    >
    >sudo ifconfig blah [enters own password]
    >sudo su - [enters own password]
    >sudo sendmail -q [enters own password]
    >su - [enters root password]
    >
    >Whoa! what's #2? And what's #4? Holy cow!

    For me, #2 and #4 are replaced by "sudo -u root sh" or some other shell,
    totally obviating the need to have su at all. I realize some people use it
    in shell scripts and so on, which I will refrain from commenting on, which
    would make a sudo "su" mode a requirement to have it *replace* su, much
    like the various "vi" invocation implementations.

    I see absolutely no reason why sudo should not be in the base system. Not one.

    I see almost as little need to make it behave as "su" when called as "su",
    but I can at least see the reasoning behind it, and I also understand that
    doing so would not be difficult.

    >Folks, this is by far the stupidest argument/discussion I have ever seen
    >on a security related mailing list (and I've been on BugTraq and
    >Full-Disclosure for a long time so that's saying something).

    If "myth-busting" as I've done with Stephen is "stupid" well, go ahead at
    tattoo it on my forehead. I'm from a place where education is the cure for
    stupidity, not the incarnation of it.

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Stephen Major: "FW: Adding OpenBSD sudo to the FreeBSD base system?"

    Relevant Pages

    • Re: Whats with the "Dont login as root, use su" message?
      ... Packages are reccomended over ports for a variety of reasons check FAQ ... Once I get more familiar with openbsd, then sudo will be used ... > access (reason for creation of this news group thread). ...
      (comp.unix.bsd.openbsd.misc)
    • Re: cvsup and portupgrade
      ... portupgrade is a convenient tool but sometimes it fail for whatever reason, ... $ sudo make ...
      (freebsd-questions)
    • Password three times with ssh
      ... For some reason I can't fathom, this _always_ asks for my own local ... not incorrect entry; if I enter it incorrectly I have to start over): ... Would anyone by any chance have a clue why sudo asks ...
      (Ubuntu)
    • Re: su or sudo su?
      ... instance) like opensuse seems to do, I might consider that stupid but it probably is ... there for a reason and someone finds it useful. ... targetpw requires root's password because there's an assumed "-u root" ... For sudo always to prompt for root's password, ...
      (Fedora)
    • Re: SELinux vs BackupPC web interface
      ... Is there some reason to think this is better than the methods provided by apache or perl? ... I know how to use SUDO. ... I've forgotten how to do it in Apache. ... You have to be on the premises to do it, or have a VPN. ...
      (Fedora)