The Perils of Sudo With User Passwords

"The consensus among new Unix and Linux users seems to be that sudo is more secure than using the root account, because it requires you type your password to perform potentially harmful actions. In reality, a compromised user account, which is no big deal normally, is instantly root in most setups. This sudo thinking is flawed, but sudo is actually useful for what’s it was designed for.

"The (wrong) idea is that you shouldn’t use the root account, because apparently it’s too “dangerous.” This argument usually comes from new Linux users and people that call themselves “network administrators,” but has no basis in reality. We’ll come back to that in a moment.

"The concept behind sudo is to give non-root users access to perform specific tasks without giving away the root password. It can also be used to log activity, if desired. Role-based access control isn’t available in Linux, so sudo is a great alternative, if used properly."

Complete Story

Related Stories:

• How to add users to /etc/sudoers(Jan 07, 2010)
• Microsoft Patents Sudo?!!(Nov 11, 2009)
• By design security issues with linux default limited accounts (Ubuntu's sudo is not secure)(Jul 18, 2009)
• What Happens When You Run "sudo rm -rf /" (video)(Apr 10, 2009)
• Running Complex Commands with sudo(Apr 03, 2009)
• Stop Telling sudo Your Password(Mar 21, 2009)
• sudo: Running a Command with root Privileges(Dec 27, 2008)
• sudo, or Not sudo: That is the Question(Feb 10, 2008)
• And What Exactly Will sudo rm -rf Do?(Dec 06, 2007)
• PolishLinux: Sudo FAQ(Feb 27, 2007)