hey guys I was told that the sudo command was not secure like once you type in a sudo command and type in your admin pass it lets in intruders thats not true is it because I also thought sudo was a way of installing or retreiving from terminal
hey guys I was told that the sudo command was not secure like once you type in a sudo command and type in your admin pass it lets in intruders thats not true is it because I also thought sudo was a way of installing or retreiving from terminal
Told by whom and in what context?
Barring possible bugs, sudo is secure. It does what it's supposed to do and nothing more. The problem is, it's supposed to execute something else with root (unrestricted) privileges. When someone tricks you into running a malicious command or a piece of malware with sudo, you're indeed at the mercy of the attacker.
Sudo allows elevated privileges to the system and a user or attacker can certainly break things. If you stick to the software center for installing applications you will avoid installation of malicious software( no system is perfect). Remember that software doesn't get installed without elevated permissions or a password. Sticking to a user account rather than administrative is another simple safe guard .
https://help.ubuntu.com/community/RootSudo
"Our intention creates our reality. "
Ubuntu Documentation Search: Popular Pages
Ubuntu: Security Basics
Ubuntu: Flavors
I have read that sort of comment on eg the PCLOS forum http://www.pclinuxos.com/forum/index...html#msg758079.
Some folks there have a beef with sudo being used otherwise to original intent. For a single user desktop installation it appears to me to make no real difference.
Also some with the preservation of the elevated privileges for a default period - 15 minutes. You can reduce or eliminate that if you want though.
https://help.ubuntu.com/community/RootSudoTimeout
Last edited by maglinu; April 11th, 2013 at 07:50 PM. Reason: Add PCLOS link and comment on it
Wow, that post by Old-Polack sure spells their stance out. The post is about two years old and I thought both Debian and Fedora allowed sudo usage like that.
*shrugs*
To each their own. If you want a specific user to have "admin rights" via sudo, add them to the sudo group and there you go.
Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide
Tomorrow's an illusion and yesterday's a dream, today is a solution...
Thanks guys the tip I'll stick with the software center thanks
Bookmarks