Re: PermitRootLogin=yes versus su

From: Cameron Laird (claird@lairds.com)
Date: 01/27/03 

From: claird@lairds.com (Cameron Laird)
Date: Mon, 27 Jan 2003 13:15:19 -0000

In article <87lm16okuu.fsf@pele.r.caley.org.uk>,
Richard Caley <MYFIRSTNAME@MYLASTNAME.org.uk> wrote:
>In article <3e35145f$0$2565$afc38c87@news.easynet.co.uk>, Ian Gregory
>(ig) writes:
>
>ig> sudo is a better tool for many reasons, one of them being that you
>ig> can allow someone the ability to get a uid 0 shell without having
>ig> to tell them the root password.
>
>If they can get a UID 0 shell, they don't need the root password. If
>they decide they do, they can snarf it next time you use it. If you
>`never' use it, they can change it (on the theory that a year from now
>when you finally do use it you will assume you have noted down the
>wrong password).
                        .
                        .
                        .
Me, too; I don't understand why "sudo bash ..." is
safer than su to root, with the single exception
that the former doesn't spread root password around.
If I'm a cracker, though, I'm willing to consider
root password as no more than deadweight; a shell as
UID 0 gives me everything I want. 

-- 
Cameron Laird <Cameron@Lairds.com>
Business:  http://www.Phaseit.net
Personal:  http://phaseit.net/claird/home.html

Relevant Pages

  • Re: PermitRootLogin=yes versus su
    ... >all windows with a UID 0 shell get a red border or something. ... >could do that with su but sudo is a better tool for many reasons, ... >shell without having to tell them the root password. ...
    (comp.security.ssh)
  • Re: PermitRootLogin=yes versus su
    ... ig> can allow someone the ability to get a uid 0 shell without having ... If they can get a UID 0 shell, they don't need the root password. ...
    (comp.security.ssh)
  • Re: Problems with su/sudo
    ... want bash to behave in a specific way when it is a root shell I just ... But sometimes you need to do different things in a login shell than ... Everything else can be done in a user account with sudo providing the ... ability to get UID 0. ...
    (comp.sys.mac.system)
  • Re: PermitRootLogin=yes versus su
    ... I do admin stuff on it every day which requires having UID 0 but I ... >>don't even remember what my root password is. ... I see the value of sudo being ... all windows with a UID 0 shell get a red border or something. ...
    (comp.security.ssh)
  • Re: Dumb question of the week.
    ... me a blood-red prompt. ... I think that 'root' commands must work without surprises like aliases ... My su and sudo work as defined in the man pages, ... which asks for the root password and then, ...
    (alt.os.linux.suse)