Re: [orca-list] Root sudo gksudo confusion
- From: luke <speakup lists tacticus com>
- To: Scott Berry <n7zib northlc com>
- Cc: James & Nash <james austin1984 googlemail com>, orca-list gnome org
- Subject: Re: [orca-list] Root sudo gksudo confusion
- Date: Tue, 9 Dec 2008 00:58:56 -0500 (EST)
On Mon, 8 Dec 2008, Scott Berry wrote:
Best practices tell us that yes it's good to have a limited acount but
in Ubuntu if I understand correctly your root and user accounts are
actually tied together. Some one correct me if I am wrong please.
You are wrong. Consider yourself corrected.:)
One can not "tie together" accounts in Linux.
There is a root account.
There is a normal user account, created as part of the install process.
That normal user account is a member of many administrative groups, so if
those groups are authorized to do various things, then the user account
will be authorized to do those things.
This is not at all abnormal, and groups have been used in this way since
long before anyone using Unix heard of Ubuntu.
Thype this only if you want to change the way the root password is
accessed otherwise it's best to leave this at default if your not
familiar with Linux:
sudo root passwd
That does nothing--"root" is not a command. "sudo passwd" is the correct
command for what you are explaining. You were probably thinking of "sudo
-u root passwd", but since "root" is the assumed user in default
configurations of sudo, that is redundant.
It does not change the way "your root password is accessed"--it sets or
changes a password on your root account.
Okay, so here's the deal.
The sudo command, causes the command following it (such as "passwd" in the
above example) to be run as the root, or administrative, user.
So, "sudo reboot" will reboot your system, which you may not be able to do
as a normal user.
This allows you to run commands as root *only* when you need to, without
having to log in as root, or start a root shell with "su", in which case
you might do some damage by forgetting who and where you are. (Yes, the
most experienced users have done it)
If you really do need a root shell for something, running "sudo bash" will
get you one, as will "sudo su -", although that is longer, and most of the
time shouldn't make any difference.
(Simply all I am doing is changing the password but I am also getting
rid of the sudo and I can just su in to my account, some people probably
believe this is more unsecure but I prefer it)
You haven't gotten rid of the sudo, you have just made it possible to use
su and a root password to become root, or to log in as root directly.
Sudo still works exactly as it did before.
You have damaged the security of your system, however, because now you
have enabled people to login directly as root with a password. If you
have to give someone else access to a single administrative command, you
now have to give them full root access in order to do it.
One of the values of sudo, is that you can give a user permission to run a
single command or a few commands as root. That user could then run "sudo
mount" to mount certain drives, or maybe "sudo /etc/init.d/apache2" to
start, stop, or reload the web server, etc.. Such users will not be able
to shut down the system, get a root shell, or view other users' data, and
they will not need to know the root password--all they need is their own
password, and really why should they have to know another password when
all they want to do is something slightly administrative?
You can still do all of that with sudo after you have enabled the root
account's password as Scott describes, but unless there is a good reason
for it (swat, for example), why bother? It is trivially easy for the main
system user, and anybody else he likes, to get a root shell with "sudo
bash" or "sudo su" or the like.
There are more security implications: say that one of the users on your
system has a simple password, and someone cracks their way in? They can
then sit there with a dictionary cracking tool, and plug away at your root
password until they gain full administrative access to your system.
If you're using sudo, however, and haven't enabled a root password, they
can not do this, provided that the regular user they cracked, does not
have any sudo permissions, or has limited permissions.
Then too, is the idea of external cracking: every Linux system has a root
user, so of course it is the most often targeted account. If it has a
password, the chances increase that it can be broken into by someone from
outside who breaches your security.
Again if you like the security don't use this but for me it keeps the
root and the normal user password separated. I also like su much better
May I ask why?
I was a user of su for years. I only heard of sudo when I started using
Ubuntu about 4 years ago, and found no reason to use su since then, except
in very specialized applications, or for becoming another user from
within a root shell.
None of my personal systems have enabled root passwords, and probably98%
of my servers have no root password either.
I am curious as to your reasoning.
] [Thread Prev