Linked by Thom Holwerda on Wed 31st Mar 2010 14:41 UTC
Windows As geeks, we're well aware of the importance of running as a normal user instead of as root (UNIX/Linux/BSD) or administrator (Windows). However, while this should be common knowledge to anyone reading OSNews, it's often hard to illustrate just how important it is - until now, that is. A report by BeyondTrust looked at how many security bulletins issused by Microsoft are mitigated by simply... Not running as administrator.
Thread beginning with comment 416397
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Not entirely...
by Flatland_Spider on Thu 1st Apr 2010 12:58 UTC in reply to "RE[2]: Not entirely..."
Flatland_Spider
Member since:
2006-09-01

Users must be part of the 'wheel' group AND be added to /etc/sudousers in order to have access to sudo. Additionally, to use sudo you have to enter your own password. It's not specifically allowed. Once you use it successfully it will let you continue issuing additional commands via more calls to sudo without a password but only for a given amount of time between calls.


You don't have to be part of the wheel group to use sudo; you just have to be in the sudousers file. The bulk of my experience is with FreeBSD, Fedora, and RHEL/CentOS, so this could be different, but I don't think it is.

Sudo asking for my password has always bugged me. If it really wanted to secure the system, it should have the ability to use a third password separate from the user or root. I've looked into this before, and I remember this is something sudo was never designed to do. This really should be fixed.

'su' doesn't require any group - just that you know the password for that user, root or otherwise.


I never thought about this, but that's true on Linux.

On FreeBSD, the users need to be part of wheel to su to root, they can still su to other users without additional permissions, but normal users don't have su permissions when first created.

Linux might want to tighten that up.

Reply Parent Score: 2