Root access (was RE: which prebuilt linux boxes seem to work best?)

Brent Harding bharding at ufw2.com
Sat Oct 21 14:47:42 EDT 2000


It would be neat if there was a howto on it that was easy to understand.
How does sudo deal with system files the user can edit? I wonder if this
guy I was hearing it from really did develop his own way to make more users
root than just one without the password. My impression of sudo is that the
root commands a user can use need to be specified somewhere, but if I need
to edit a config file, to set up virtual hosts, and have permission to edit
what I need to, I'm not sure how this gets implemented. Changing all the
permissions will mess up as programs sometimes check, and adding an extra 7
and changing group owner to admins for say might not work.
At 04:31 PM 10/21/00 +1100, you wrote:
>Hi Brent:
>
>There can only be one root user.  Having said that, you can either use sudo
>or su to gain access as root.  If I were a sysadmin, I'd probably implement
>sudo rather than allow access to su.  Why?  Because su is used for people
>to become root.  It's just the same as logging in as root except it gets
>around the /etc/securetty permissions.  In other words, anyone from any
>location can become super user using su if they first login as their user
>account.  Su expects root's password in order to become super user, which
>means that a sysadmin has to give out root's password to anyone they want
>to use su.  Sudo however authenticates with the user's password, and the
>sysadmin controls who has access to it.  If someone is abusing it, they can
>take away their access and there's nothing the user can do about it.  In my
>opinion, this is much safer.  Which means I really should go learn how to
>administer it. <grin>
>
>Geoff.
>
>
>-- 
>Geoff Shang <gshang10 at scu.edu.au>
>ICQ number 43634701
>
>
>_______________________________________________
>Speakup mailing list
>Speakup at braille.uwo.ca
>http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>
>





More information about the Speakup mailing list