Is Using Sudo Like Using a Safety Net?

[nujinini]

Hello Everybody,

Greetings!

I just learned how to include my name in the sudoers list and have been enjoying using sudo for commands that require root.

My question is, what is the advantage if I use sudo in commands that are suppose to be executed as root. If I make a mistake using the sudo option in execution of commands and screw-up my environment. Will I be able to undo the mistake since the command was not executed as real root (su -)? Or "roll it back" so to speak?

Thank you for any clarifications!

[reed9]

No, you can't rollback sudo commands.

Sudo has a couple of advantages. One, it keeps a history log. Not so useful for the average desktop user, but nice for sys admins. Two, you run with only the command you want with elevated priviliges. (You can do this with su -c 'command' as well rather than loggin in as root.) Three, you can limit a user or group of users to specific tasks and commands. So rather than give the keys to whole computer away with the root password, you can define that this group of users has access to networking commands, but can't install software, or this user can install software, but can't write to the root filesystem or whatnot.

The other argument for using sudo and disabling the root account altogether, is that the bad guys know that all systems have an account named root, so they don't have to find out the username, and focus on cracking the password. If you have no root account, finding the username is one more obstacle to overcome. I don't know how much difference this really makes.

[daark.child]

The other argument for using sudo and disabling the root account altogether, is that the bad guys know that all systems have an account named root, so they don't have to find out the username, and focus on cracking the password. If you have no root account, finding the username is one more obstacle to overcome. I don't know how much difference this really makes

I think locking the root account is risky because if someone cracks one of the admin user accounts, then they could unlock the root account, give it a passwd and basically own the system.

[reed9]

If they crack the admin account, they would already own the system whether or not they re-enabled root, wouldn't they?

Also, why would it be harder to crack the root account than the admin user account?

I could see an argument that sudo could be dangerous, since most systems are set up to not allow root to login remotely. So if you've cracked the admin user account, you could have free reign via remote connection, more easily than if you had to crack root.

I don't really know. Detailed security issues are beyond my scope of knowledge.

[daark.child]

If they crack the admin account, they would already own the system whether or not they re-enabled root, wouldn't they?

Also, why would it be harder to crack the root account than the admin user account?

I could see an argument that sudo could be dangerous, since most systems are set up to not allow root to login remotely. So if you've cracked the admin user account, you could have free reign via remote connection, more easily than if you had to crack root.

I don't really know. Detailed security issues are beyond my scope of knowledge.

If you cracked an admin account then yes you already own the system. If you went on to unlock the root account, you could easily lock out the admins from the system, remove them as admins, create your own users accounts that can access the system remotely etc.

[reed9]

If you cracked an admin account then yes you already own the system. If you went on to unlock the root account, you could easily lock out the admins from the system, remove them as admins, create your own users accounts that can access the system remotely etc.

I still don't follow why it would be safer not to use sudo. You don't need to enable root to lock out any other users. You could easily create a new admin user account and delete the old user account. Whether someone cracks the admin user account or the root account, they have full run of the system.

[bigtomrodney]

To me the advantages are four fold:

• Commands are logged
• There can be multiple system admins without handing out the root password
• You can grant partial root access, i.e. for a specific command
• You are discouraged from just running a shell as root, i.e. you only prefix your root commands with sudo, not ls, cd etc

That last one is important. It's too easy to open a root shell, leave it open and find yourself cheating away by running everyday commands as root. It's important to remember to stick to your user and only elevate privilege when you need it - that's the best part of sudo for me.

daark.child, I have to agree with reed9 on this one, if you crack a user in the sudo/wheel/admin group you already have the equivalent of root. Cracking one of these users is the same as cracking root, no need to unlock root. On the same note if they got root all they'd need to do is change the password.

[daark.child]

I still don't follow why it would be safer not to use sudo. You don't need to enable root to lock out any other users. You could easily create a new admin user account and delete the old user account. Whether someone cracks the admin user account or the root account, they have full run of the system.

I wasn't implying that its not safer to use sudo. What I was focusing on is the locked root account. Personally I would unlock the root account, set a strong password for the account and limit what commands the admin group can run to prevent being rooted if any admin account is compromised.