Maarek Stele wrote:

First reason as I've seen online and from my server logs, root is the primary account automated scripts try to break in through. Before adding additional security measures to block these scripts and free up bandwidth, my server logs were in the 10s of thousands with these types of hits. Sure I'm using SSH which Greatly slows down the automation of the attack, but the whole findings end up annoying, I would trace hits from Guatemala, China, Russia, Middle East, and even parts of the US. And that's about it. Nothing more I can do in return without repercussions.

The Second part of not activating the root user is simple. If you want to be in the command line as "the" admin, just type [b]su[/b]. you'll be at a # sign after the password and you won't need the sudo option for the server maintenance you are preforming.

I totally disagree. If you feel unsafe on your server for the root user, just disable the remote login as root (besides, that is the right thing to do).

And about the "su" command, you can't do that on Ubuntu as the root user is disabled! There is no password for it ;)

First thing I do on sudo based systems:

sudo passwd

To get the root user back.

Using sudo is getting another program with the suid bit which is a security flaw as well. The less programs you have with that bit the better.

What else? Using sudo is getting the admin security to a user's password level... safer than having a safe password for root? I guess not ;)

Naaaahh, using sudo is a bad idea security wise IMHO

sudo can only be used by an admin level user. Standard users do not have permission to use the sudo command unless permitted via their own password. Also, if you have a poor password, then it's your own fault. Also, su again, only for the admin user to temporary activate the root user for multiple commands. Once the terminal session ends, so does that option.

Sudo allows flexibilty for standard users. Because you can edit he sudo file for that user and make them a "power user" rather then an admin who is capable of venturing everywhere on the system. The sudo option also tracks the user since you won't share the root account with anyone else for security purposes. the initial user is the admin which has access to the sudo command. All subsequent users do not have access to sudo unless granted by the admin. It's all about perception

http://manpages.ubuntu.com/manpages/karmic/en/man8/sudo.8.html

Frankly if you are used to root, then use that. years ago I've used Slackware on older 486 computers. To me I'm rather pleased with Ubuntu's progress over the years.

Still can't see the point of using sudo. I would prefer using "su" not just to login as root but to run a command as sudo does. Besides, with "su" you can run any command as any user/group you want...

I fail to see the usefulness in sudo as "su" does exactly the same (as far as I know). Would you point me to something that "sudo" does that is different from "su"?

And, still, you rely on a *user's password for security!!! I agree that is not every user on the system but a few granted but I still believe is safer to have a root admin for doing "admin staff".

Marc

PS:love this healthy discussions!!!

marc wrote:

I fail to see the usefulness in sudo as "su" does exactly the same (as far as I know). Would you point me to something that "sudo" does that is different from "su"?

That's your perspective of being an admin for the system. If my boss said we are using DISTRO X (that uses root), I won't mind one bit. To me, The su/root option is like CAPS LOCK, once you have it on and start typing, you need to delete what you typed to correct the problem, and can be fatal in some cases. For example, while viewing a system file as su/root, you might type something or hit a key deleting a line withing vi. sure, you can always q! out, but you might type w first out of habit and permanently change the file. The sudo option, or lack of it allows you to view the file as an admin and not worry about making any changes.

Even with root in systems typing su will switch over to the root user. I guess my point is that you cannot login as root itself on a system that strongly emphasizes on sudoers unless you set a password for root. Root is present & active, just check the process list. Root is running the system, sudoers just help maintain it.