So it is more secure to do as I do, which is to keep a root window open on an unused workspace?Originally Posted by LordHunter317
So it is more secure to do as I do, which is to keep a root window open on an unused workspace?Originally Posted by LordHunter317
Not especially, no. Again, it's just a matter of time until they get the privileged password. You had to enter a password to open that window, right? Well, they can get it.
Just LOL !Originally Posted by nocturn
Only a stupid will add ALL=(ALL) ALL That's not how it generally is, usually users give access to themself or if it is a huge/wide system they use the wheel group which is btw if enabled in PAM works the same for su (only wheel groups have su access) like on freebsd by default
firefox run as ur username, I use sudo without passsword, so even if an attacker (THAT'S a huge IF coz I challenge anyone out there to break into my network), he can't get much using sudo, sudo is limited here to some commands not all, but again if firefox has a bug, the attacker will not enjoy breaking ur system as much as enjoying deleteing your home folder contents, I mean seriously i Format like every week I don't give a damn about /, /home is a seperate partition, so if an attacker came here, I welcome him, do whatever he wants around /, but one file removed from /home will be so unacceptable, so really think of it again, harming /home/* does much more damage than /*, which lead us to FIREFOX=BAD SECURITY and not SUDO = BAD SECURITY, so, do i have to use elinks/links/lynx then ?? or maybe wget ??
So as Usual, DO NOT blame the software, blame ppl's stupidity, Like when someone got robed in his bank account and says that Credit Cards are useless and dangerous, well NO he should say, damn it i should have known that the damn site was some kind of spam...
I love SU too, it's cool to type su than sudo su (or sudo -s -H), but i don't say sudo is a bad security, if someone break into ur account and had sudo access, he can also break to your root account, it's the same, except that root is more common an attacker will try it more often over ssh
I just love this quote Nice and Wisely said LordHunter317Then they shouldn't be running servers. Period.
BTW the rest of my post is in LordHunter317's post above, he said all what i wanted to say, maybe just GO LEARN SUDOERS then come and argue
Last edited by Gandalf; June 9th, 2006 at 10:22 PM.
Uhh, the line nocturn posted was the Ubuntu Warty default and perfectly secure. It means that root (and only root) can run any command on any host as any users.Originally Posted by Gandalf
Stop and think about this for a second. If you don't understand what I just said, then ask.
What would be dangerous (and what Gowator was trying to claim) was the policy was:Note the leading ALL there, where root was.Code:ALL ALL = (ALL) ALL
That would be dangerous. But it isn't what is done, either.
In practice, unless you've very carefull audited your sudo policy, I bet money they can still compromise your system and probably trivially get root.so even if an attacker (THAT'S a huge IF coz I challenge anyone out there to break into my network), he can't get much using sudo, sudo is limited here to some commands not all,
Auditing sudo policy is very difficult. As a simple example, can you run less via sudo? If so, they just got a root shell. Or emacs? Or vim? Same deal.
Yes sorry i meant ALL ALL = (ALL) ALL when i was talking
when u run vim/less/etc.. via sudo, you got a shell access i agree, but the process is owned by root and not regular user, and it ain't accessible in any way by any other user, unless there's a security hole in the running software like bzip2 1.0.3 without the CAN-2005-0953 bzip2 race condition patch where a user can have write access to file owned by another user ... not own a running process
And that's how the attacker gets a root shell where they can do anything you like. It lets an attacker circumvent sudo's security completely.Originally Posted by Gandalf
But that's not the concern. Tne concern is the ability of the attacker to do anyhting they want as root using your account's elevated privileges. The programs I mentioned are all paths to do that.and it ain't accessible in any way by any other user,
Hi, I'm not an expert in sudoers but I think if someone can get an user in a machine running ubuntu he can make anything he want even change root's password by typing "sudo passwd"
Isnt' that right ?
No, it's not right in the least. You have to be either the first created account (Warty) or an account in the 'admin' group (every other release). Then you can run any command you want as any user you want.
But guys, people, you are not getting the big picture here, can anyone tell me what's the difference between sudo and su when it comes to hacking ?? if i could crack ur user password i bet i can break into ur root account (i don't mean using sudo as sudo su), so please stop blaming sudo, but blame the user for either his stupid easy password or coz he writtent his password on a note above the screen lol
Which is better depends on your security model. A valid reason to have a seperate root password (or second sudo account) would be that your threat model includes using your user password over an insecure connection or an insecure location (like a kiosk, Internet Cafe or a library).Originally Posted by Gandalf
When the danger of password exposure is equal to both the root account and your user account, there is no advantage in having two.
Linux user #249404 - September 1997
http://nocturn.vsbnet.be - RSS
Before executing any commands, make sure you kow what they mean, read this first!
Bookmarks