From: Aragorn on 18 Feb 2010 02:29

On Thursday 18 February 2010 04:52 in comp.os.linux.misc, somebody identifying as Keith Keller wrote...

> On 2010-02-18, Rahul <nospam(a)nospam.invalid> wrote:
>>
>> But let's say a user once in a while needs to, say, create a new
>> mount point. Or restart a service. Or change an iptables entry. Why
>> not then just "su -" make the change and log out. How is this
>> workflow any more dangerous than "sudo foo_dangerous_operation"?
>
> Two reasons:
>
> --you've just typed in the root password; if someone has installed a
> keyboard sniffer they now have the root password. (Yes, if you do
> sudo blah they've sniffed your own password and can do sudo su and
> accomplish the same thing.)

This is false logic, I'm afraid. Anyone with the authority to install software on the system which can sniff the keyboard input from an unprivileged user would already have to have root privileges in the first place to get this malicious software to install, and would not even need to phish for the root password - nor for the unprivileged user account's password, since they can set a new one with...

        passwd $USERNAME_HERE

They could then even get by unnoticed by making backup copies of "/etc/passwd" and "/etc/shadow" first before setting the new password on the unprivileged user account, and restoring the backup copies after "the job is done".

On the other hand, there is also the scenario where elevated permissions are needed, but where - through some clever scripting - an innocent looking dialog pops up, asking the user for his own password again, and which then installs some malware on the system.

/sudo/ was not really designed to be a replacement for /su/ - see my other reply in this thread - but rather as a way to offer some kind of role-based access control with a limited subset of elevated permissions, or perhaps so that a certain application could be executed as a different, non-root user account.

But we all know that lots of things are not being used for what they were actually designed... ;-)

--
*Aragorn*
(registered GNU/Linux user #223157)

From: Robert Heller on 18 Feb 2010 07:38

At Thu, 18 Feb 2010 03:17:14 +0000 (UTC) Rahul <nospam(a)nospam.invalid> wrote:

>
> Robert Heller <heller(a)deepsoft.com> wrote in
> news:DuidnTmW59w9zuHWnZ2dnUVZ_gGdnZ2d(a)posted.localnet:
>
> > The same reason wood stoves are not made out of wood or include
> > seats...
> >
> > With sudo set up, there is no reason to ever log in as root. The
> > Ubuntu people figured that if root had an actual password, newbies
> > would log in as root and go web surfing or something. The way Ubuntu
> > is set up, you cannot do that. Instead, anything that does need
> > privilege requires the user to enter *his* (or her) password at a
> > special prompt -- eg firing up a Terminal and doing 'sudo <mumble>' or
> > launching a GUI app using gksudo or something like that.
> >
>
> Wow! I didn't realize this was such a controversial topic. Let me
> clarify: I wasn't saying one has to surf the web and do day-to-day stuff
> as root.
>
> But let's say a user once in a while needs to, say, create a new mount
> point. Or restart a service. Or change an iptables entry. Why not then
> just "su -" make the change and log out. How is this workflow any more
> dangerous than "sudo foo_dangerous_operation"?

The key phrase here is 'and log out'. It is all too easy to *forget* to log out of the root shell. With sudo, you are (generally) NOT logging into a root shell (one rarely does 'sudo su' or 'sudo bash').

>
> To me the main reason to use sudo always seemed to be to delegate a
> subset of tasks that normally required root privileges to an ordinary
> user. On a multi-user multi-admin server say someone controls httpd or
> another guy something else etc. Sort of creating tiny less-powerful
> mini-roots. But it still means there is at least one person who is "all
> powerful" "root".
>
> If one gets used to doing "sudo foo" every so often it's likely that one
> stops thinking about that and it becomes a reflex action. So then one is
> as likely to make mistakes without realizing it.

This is true of most 'dangerous' activities. NOBODY is claiming sudo is absolutely 'safe'. It is just 'safer'. Like having guns with safeties -- the safety does not make the gun 'safe' -- one still needs to learn how to safely handle the gun.

>
> Analogies:
>
> (a) Aliasing rm to "rm -i". I got conditioned in a month to always type
> "rm -f foobar"
>
> (b) The annoying Windoze habit of asking a y/n for every small thing. By
> default I press the y without even thinking
>
> Just my thoughts....
>

--
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Download the Model Railroad System
http://www.deepsoft.com/  -- Binaries for Linux and MS-Windows
heller(a)deepsoft.com       -- http://www.deepsoft.com/ModelRailroadSystem/

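Added example, not part of the thread or of any poster's message: a small auditor that separates sudo rules delegating a limited command subset from rules that amount to full root (a blanket ALL, or a shell such as the 'sudo su' and 'sudo bash' cases mentioned above). The sudoers sample, the user and group names, and the simplified parsing are assumptions made for illustration.

```python
import re

# Constructed sample in sudoers syntax; user, group and path names are made up.
SAMPLE_SUDOERS = """\
Defaults env_reset
Cmnd_Alias HTTPD = /usr/sbin/apachectl graceful, /usr/sbin/apachectl configtest
%admin   ALL = (ALL) ALL
webadmin ALL = (root) HTTPD
fwadmin  ALL = (root) /sbin/iptables -L, /bin/bash
mounter  ALL = (root) NOPASSWD: /bin/mount /mnt/usb
"""

# Commands that hand the caller an unrestricted root shell ("sudo su", "sudo bash").
SHELLS = {"su", "sh", "bash", "dash", "zsh", "ksh"}

def audit(text):
    """Return {who: 'full-root' | 'limited'} for each user specification.

    Simplified on purpose: one host/runas/command list per line, no line
    continuations, no #include, no negation, no User/Host/Runas aliases.
    'limited' only means no blanket ALL or shell was granted; it does not
    say the listed commands are themselves safe to delegate.
    """
    aliases, verdicts = {}, {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("Defaults"):
            continue
        m = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", line)
        if m:
            aliases[m.group(1)] = [c.strip() for c in m.group(2).split(",")]
            continue
        m = re.match(r"(\S+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.+)", line)
        if not m:
            continue
        who, cmds = m.group(1), []
        for item in m.group(2).split(","):
            item = re.sub(r"^(?:\w+:\s*)+", "", item.strip())  # drop tags like NOPASSWD:
            cmds.extend(aliases.get(item, [item]))
        full = any(c == "ALL" or c.split()[0].rsplit("/", 1)[-1] in SHELLS for c in cmds)
        verdicts[who] = "full-root" if full else "limited"
    return verdicts

if __name__ == "__main__":
    for who, verdict in audit(SAMPLE_SUDOERS).items():
        print(f"{who:10} {verdict}")
```
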
From: Rahul on 18 Feb 2010 11:38

unruh <unruh(a)wormhole.physics.ubc.ca> wrote in
news:slrnhnp635.dii.unruh(a)wormhole.physics.ubc.ca:

> One tiny little space.
> googling is great if you have some idea what you are looking for. If
> not, it is a complete mess.
>

Effective googling is an art. In today's world quite an important skill. One always has *some* idea what one is looking for but often not the exact word(s) I guess.

--
Rahul

From: Keith Keller on 18 Feb 2010 13:40

On 2010-02-18, Rahul <nospam(a)invalid.invalid> wrote:
> unruh <unruh(a)wormhole.physics.ubc.ca> wrote in
> news:slrnhnp635.dii.unruh(a)wormhole.physics.ubc.ca:
>
>> One tiny little space.
>> googling is great if you have some idea what you are looking for. If
>> not, it is a complete mess.
>
> Effective googling is an art. In today's world quite an important skill.
> One always has *some* idea what one is looking for but often not the exact
> word(s) I guess.

In general this is true. For the example cited, I think I showed that a quite naive google search would turn up an answer in 30 seconds or less (depending on the speed of your network link). I try very hard to be patient with people who come with a question that seems like it should be answered by Google, but when I attempt it the search is nontrivial. But I don't think this is one of those examples.

--keith

--
kkeller-usenet(a)wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

From: Keith Keller on 18 Feb 2010 13:38

On 2010-02-18, Aragorn <aragorn(a)chatfactory.invalid> wrote:
>
> This is false logic, I'm afraid. Anyone with the authority to install
> software on the system which can sniff the keyboard input from an
  ^^^^^^^^
> unprivileged user

What about a hardware sniffer? You can imagine someone sneaking in to an open office space and attaching a keyboard sniffer (perhaps it also connects to the local LAN, so that no software intervention is required at all). If he's smart, nobody will ever know till it's too late.

Is this at all likely? No, not really. But it is *possible*.

--keith

--
kkeller-usenet(a)wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information