Linux.com

Home Linux Community Forums Software Desktop Whats the best OS for us

Whats the best OS for us

Link to this post 03 Jun 10

Maarek Stele wrote:


First reason as I've seen online and from my server logs, root is the primary account automated scripts try to break in through. Before adding additional security measures to block these scripts and free up bandwidth, my server logs were in the 10s of thousands with these types of hits. Sure I'm using SSH which Greatly slows down the automation of the attack, but the whole findings end up annoying, I would trace hits from Guatemala, China, Russia, Middle East, and even parts of the US. And that's about it. Nothing more I can do in return without repercussions.

The Second part of not activating the root user is simple. If you want to be in the command line as "the" admin, just type [b]su[/b]. you'll be at a # sign after the password and you won't need the sudo option for the server maintenance you are preforming.

I totally disagree. If you feel unsafe on your server for the root user, just disable the remote login as root (besides, that is the right thing to do).

And about the "su" command, you can't do that on Ubuntu as the root user is disabled! There is no password for it ;)

First thing I do on sudo based systems:


sudo passwd

To get the root user back.

Using sudo is getting another program with the suid bit which is a security flaw as well. The less programs you have with that bit the better.

What else? Using sudo is getting the admin security to a user's password level... safer than having a safe password for root? I guess not ;)

Naaaahh, using sudo is a bad idea security wise IMHO

Link to this post 03 Jun 10

sudo can only be used by an admin level user. Standard users do not have permission to use the sudo command unless permitted via their own password. Also, if you have a poor password, then it's your own fault. Also, su again, only for the admin user to temporary activate the root user for multiple commands. Once the terminal session ends, so does that option.

Sudo allows flexibilty for standard users. Because you can edit he sudo file for that user and make them a "power user" rather then an admin who is capable of venturing everywhere on the system. The sudo option also tracks the user since you won't share the root account with anyone else for security purposes. the initial user is the admin which has access to the sudo command. All subsequent users do not have access to sudo unless granted by the admin. It's all about perception

http://manpages.ubuntu.com/manpages/karmic/en/man8/sudo.8.html

Frankly if you are used to root, then use that. years ago I've used Slackware on older 486 computers. To me I'm rather pleased with Ubuntu's progress over the years.

Link to this post 03 Jun 10

Nice explanation Maarek,
I mean don't get me wrong sudo is extremely useful when it is used correctly. And Ubuntu's method of using sudo for the for the admin and default user is both good and bad:

Pros:
it keeps the users from running everything as root
The default unconfigured installation has security that is accessible to normal users

Cons:
Some users don't really understand why they are using sudo, so they end up using it for all command line commands.
If the user does not practice proper security the system is quite exploitable
The default user which is normally the admin has full rights that can be exploited by anyone logged into the account.

It all comes down to a simple rule, the system is only as good as the admin, if the admin does not know what they are doing then you can only do so much to force integrity and security.

Link to this post 03 Jun 10

Still can't see the point of using sudo. I would prefer using "su" not just to login as root but to run a command as sudo does. Besides, with "su" you can run any command as any user/group you want...

I fail to see the usefulness in sudo as "su" does exactly the same (as far as I know). Would you point me to something that "sudo" does that is different from "su"?

And, still, you rely on a *user's password for security!!! I agree that is not every user on the system but a few granted but I still believe is safer to have a root admin for doing "admin staff".

Marc

PS:love this healthy discussions!!!

Link to this post 03 Jun 10

sudo can be useful if you edit the sudoers file to give rights to specific command such as changing specific user's passwords, modifying network connection, etc... but using it to give someone full rights to the admin console is some type of security oer letting them run everything from a root gui login, but not enough to call the system trustworthy.

Link to this post 03 Jun 10

marc wrote:

I fail to see the usefulness in sudo as "su" does exactly the same (as far as I know). Would you point me to something that "sudo" does that is different from "su"?

That's your perspective of being an admin for the system. If my boss said we are using DISTRO X (that uses root), I won't mind one bit. To me, The su/root option is like CAPS LOCK, once you have it on and start typing, you need to delete what you typed to correct the problem, and can be fatal in some cases. For example, while viewing a system file as su/root, you might type something or hit a key deleting a line withing vi. sure, you can always q! out, but you might type w first out of habit and permanently change the file. The sudo option, or lack of it allows you to view the file as an admin and not worry about making any changes.

Even with root in systems typing su will switch over to the root user. I guess my point is that you cannot login as root itself on a system that strongly emphasizes on sudoers unless you set a password for root. Root is present & active, just check the process list. Root is running the system, sudoers just help maintain it.

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board