[GRLUG] Distro's - was GRLUG test comment
Tim Schmidt
timschmidt at gmail.com
Fri May 5 00:11:08 EDT 2006
On 5/4/06, Raymond McLaughlin <driveray at ameritech.net> wrote:
> In this scheme it seems that user Admin (actually, caps in user name is
> commonly frowned upon, but ...)
yeah yeah... thanks for the lesson. There's such a thing as
simplification for clarity (such as naming the user admin rather than
a more typical name and attempting to explain that they function as a
local administrator).
> can sudo *any* command. Basically any user who can 'sudo
> bash' can then run everything else as root from then on. So in this case brute
> forcing Admin's password is as good as brute forcing root.
Yup. Any user with sudo rights to a shell or similar (an editor with
command escapes, etc.) can abuse that right to execute arbitrary
commands. That's why the policy is deny by default.
As far as breaking admin's account, sure. It's no worse than a
seperate root account with a password in that respect.
> If no one is actually named 'admin', guessing which user to brute force on a
> basic Ubuntu system is simple. If you "ls -n /home" and go for the user with the
> lowest uid you'd probably guess right.
Good call.
> Of course a with a more elaborate, custom config, sudo can be used to dole out
> more fine grained priveleges. But you could do that with or without a root login.
Sure. In the same spirit, you can successfully admin a machine
without a root login. One less password to guess, one less possible
vector.
> So it seems to me that a scheme that allows any given user the power to sudo
> *anything* is more about cultivating prudent habits than security per se.
Hmmm... Ubuntu allows one user to sudo anything. So I'm not sure
where you got the any given user part... However, cultivating prudent
habits is 9/10 of the battle. It's much easier to discourage use of
the root account if it's completely disabled.
> Sorry if I misunderstood your discussion.
I'm just trying to correct a few people's misconception (that sudo is
somehow less secure than using root and su).
--tim
More information about the grlug
mailing list