sudoer vs superuser

Hello

I would like to know if I give a user an ALL privilege in the /etc/sudoers
does he become a superuser than ?
isn't that risky ?

thanks

hicham.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

On Friday 01 April 2005 10:56, hicham wrote:
> Hello
>
> I would like to know if I give a user an ALL privilege in the
> /etc/sudoers does he become a superuser than ?
> isn't that risky ?
>


Take a look a "man sudo". Bop down to the "Caveats" section.

Regards, Mike Klinke

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

On Fri, Apr 01, 2005 at 04:56:10PM +0000, hicham wrote:
> I would like to know if I give a user an ALL privilege in the /etc/sudoers
> does he become a superuser than ?
> isn't that risky ?

The user is effectively superuser, yes. However, it's somewhat better, since
there's still an active step -- authenticating with your own credentials --
required to switch into privledged mode.

--
Matthew Miller mattdm@mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

On Apr 1, 2005 12:41 PM, Matthew Miller <mattdm@mattdm.org> wrote:
> On Fri, Apr 01, 2005 at 04:56:10PM +0000, hicham wrote:
> > I would like to know if I give a user an ALL privilege in the /etc/sudoers
> > does he become a superuser than ?
> > isn't that risky ?
>
> The user is effectively superuser, yes. However, it's somewhat better, since
> there's still an active step -- authenticating with your own credentials --
> required to switch into privledged mode.
>

Well, it depends on how you set it up. You can set it up to where you
have to give *your* password, *root's* password (assuming sudo to
root, it's actually the password of whomever you are trying to
"become"), or *no* password to use sudo (I believe Fedora's default is
your password as Matthew said). Using your password or no password
essentially gives the user superuser access, but that does not mean
that the user is actually a superuser.
This makes things a little better than logging in as root. Logging in
as root is discouraged because of some security risks, such as running
complex (read: potentially vulnerable) programs due to being logged in
(such as any of the programs involved with running X), accidentally or
unknowingly running malicious code (something you downloaded, say),
and user error (oops, I really didn't want to run "rm -fr /"). As far
as these considerations go, using "sudo" is the same as using "su -",
so in this sense, the user is not a superuser.
A user with sudo privileges must use sudo to do anything that requires
superuser privileges, and this can be a little more secure because all
sudo activity is logged and the user does not need to know the root
password (if so configured). So if you trust the user, then it should
be safe to setup. If you require the users' password to use sudo,
then if someone comes along while the user is logged in and away from
the computer, they will still need a password to use sudo and have
superuser privileges. One problem is, the user can do "sudo su -" and
then have a root shell, the activities of which are not logged. To
echo Mike, look at "man sudo" for more considerations.

Jonathan

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

To simplify, basically the user has permission to run SINGLE commands as
root if he is on the sudoers list. This is safer because (to simplify again)
in order to kill off the system, he can't accidentally type rm -rf
/boot/vmlinuz-... . He has to precede it with sudo. He can still kill off
the system, but only intentionally. :-)

On Apr 2, 2005 12:27 PM, Jonathan Berry <berryja@gmail.com> wrote:
> On Apr 1, 2005 12:41 PM, Matthew Miller <mattdm@mattdm.org> wrote:
> > On Fri, Apr 01, 2005 at 04:56:10PM +0000, hicham wrote:
> > > I would like to know if I give a user an ALL privilege in the
/etc/sudoers
> > > does he become a superuser than ?
> > > isn't that risky ?
> >
> > The user is effectively superuser, yes. However, it's somewhat better,
since
> > there's still an active step -- authenticating with your own credentials
--
> > required to switch into privledged mode.
> >
>
> Well, it depends on how you set it up. You can set it up to where you
> have to give *your* password, *root's* password (assuming sudo to
> root, it's actually the password of whomever you are trying to
> "become"), or *no* password to use sudo (I believe Fedora's default is
> your password as Matthew said). Using your password or no password
> essentially gives the user superuser access, but that does not mean
> that the user is actually a superuser.
> This makes things a little better than logging in as root. Logging in
> as root is discouraged because of some security risks, such as running
> complex (read: potentially vulnerable) programs due to being logged in
> (such as any of the programs involved with running X), accidentally or
> unknowingly running malicious code (something you downloaded, say),
> and user error (oops, I really didn't want to run "rm -fr /"). As far
> as these considerations go, using "sudo" is the same as using "su -",
> so in this sense, the user is not a superuser.
> A user with sudo privileges must use sudo to do anything that requires
> superuser privileges, and this can be a little more secure because all
> sudo activity is logged and the user does not need to know the root
> password (if so configured). So if you trust the user, then it should
> be safe to setup. If you require the users' password to use sudo,
> then if someone comes along while the user is logged in and away from
> the computer, they will still need a password to use sudo and have
> superuser privileges. One problem is, the user can do "sudo su -" and
> then have a root shell, the activities of which are not logged. To
> echo Mike, look at "man sudo" for more considerations.
>
> Jonathan
>
> --
> fedora-list mailing list
> fedora-list@redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>


--
-hackmiester

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

Please don't send HTML to the fedora list.
This is a plain text list.

If you can't figure out how to turn off html or other rich formattinmg
please ask.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

thanks guys for this clarification,
I'm the user and the superuser of my machine , and I just want to get
things done like adsl connection , yum update without having each time
to type a sudo password:
may be i should can give user just limited privileges to make sure
I'm not going to "rm /" everything : )

thanks again
hicham.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

On Sat, 2005-04-02 at 12:27 -0600, Jonathan Berry wrote:
> On Apr 1, 2005 12:41 PM, Matthew Miller <mattdm@mattdm.org> wrote:
> > On Fri, Apr 01, 2005 at 04:56:10PM +0000, hicham wrote:
> > > I would like to know if I give a user an ALL privilege in the /etc/sudoers
> > > does he become a superuser than ?
> > > isn't that risky ?
> >
> > The user is effectively superuser, yes. However, it's somewhat better, since
> > there's still an active step -- authenticating with your own credentials --
> > required to switch into privledged mode.
> >
>
snip
> superuser privileges. One problem is, the user can do "sudo su -" and
> then have a root shell, the activities of which are not logged. To
> echo Mike, look at "man sudo" for more considerations.
>

Anyone who sets up sudoers to allow that command should be shot.

The idea behind sudo is to allow those users who are trusted to have a
limited set of commands to run and to provide for tracking/auditing.

Allowing anyone to use sudo with ALL commands is the same as giving them
the root password (and only as secure as their user password). VERY
RISKY!

> Jonathan
>

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

>Anyone who sets up sudoers to allow that command should be shot.
>The idea behind sudo is to allow those users who are trusted to have a
>limited set of commands to run and to provide for tracking/auditing.
>Allowing anyone to use sudo with ALL commands is the same as giving them
>the root password (and only as secure as their user password). VERY
>RISKY!

Hence why I said I wouldn't recommend it. For my own user (as in myself) I have it like that, but not without password. Without password I would only allow for very limited access. If my account would get hacked I wouldn't really like it to be to easy to gain root access. And 'sudo su -' is a wee bit overstated.. try 'sudo bash' or equivelent and you have a rootshell. If you have ALL = (ALL) that is.

Mattias

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list