From owner-freebsd-security Thu Mar 25 12:56:28 1999 Delivered-To: freebsd-security@freebsd.org Received: from stennis.ca.sandia.gov (stennis.ca.sandia.gov [146.246.243.44]) by hub.freebsd.org (Postfix) with ESMTP id 5775314CA6 for ; Thu, 25 Mar 1999 12:56:27 -0800 (PST) (envelope-from bmah@stennis.ca.sandia.gov) Received: (from bmah@localhost) by stennis.ca.sandia.gov (8.9.3/8.9.3) id MAA25581; Thu, 25 Mar 1999 12:56:06 -0800 (PST) Message-Id: <199903252056.MAA25581@stennis.ca.sandia.gov> X-Mailer: exmh version 2.0.2 2/24/98 X-Exmh-Isig-Comptype: repl X-Exmh-Isig-Folder: inbox To: Matthew Dillon Cc: bmah@california.sandia.gov (Bruce A. Mah), freebsd-security@FreeBSD.ORG Subject: Re: sudo (was Re: Kerberos vs SSH) In-Reply-To: Your message of "Thu, 25 Mar 1999 12:44:03 PST." <199903252044.MAA02527@apollo.backplane.com> From: bmah@CA.Sandia.GOV (Bruce A. Mah) Reply-To: bmah@CA.Sandia.GOV X-Face: g~c`.{#4q0"(V*b#g[i~rXgm*w;:nMfz%_RZLma)UgGN&=j`5vXoU^@n5v4:OO)c["!w)nD/!!~e4Sj7LiT'6*wZ83454H""lb{CC%T37O!!'S$S&D}sem7I[A 2V%N&+ X-Url: http://www.ca.sandia.gov/~bmah/ Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_-1094945312P"; micalg=pgp-md5; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Thu, 25 Mar 1999 12:56:06 -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --==_Exmh_-1094945312P Content-Type: text/plain If memory serves me right, Matthew Dillon wrote: > : > :> We used sudo for a little while 3 years ago, but I decided that it was > :> too big a security risk and wiped it. sudo is one of the stupidest > :> programs I've ever seen. > : > :I'd be curious to hear what you think sudo's shortcomings are, and why it > :merits being labeled as one of the stupidest programs you've ever seen? > : > :Bruce. > > Simple: Because the program is designed to poke holes through > root and run specified programs. It's fairly easy to > misconfigure it, and there is no guarentee that the programs > it runs are themselves secure. sudo opens up a whole can of > potential security problems. I prefer sudo to su if for no other reason than it eliminates the need for me to remember a bunch of root passwords for machines. I don't use the features that restrict what commands can be run, so I couldn't comment on those. Having command logging is nice also, but for me it's less to keep tracks of the Bad Guys than as a record of things I've done as root. For me it fits the bill nicely, although your points are well taken. Bruce. --==_Exmh_-1094945312P Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: 2.6.2 iQCVAwUBNvqi5ajOOi0j7CY9AQEIEgP9F6GYXvrhmnqExsS1rvNwO/45K9g8h/W+ ninvwG4U475r3sh4Mt1Gc7ii6aJwedzkul6Yihm5RX7MF9g1k+6wyLGoyFmdkE+u gu4B3SZMYrcahvRoBQETqy1Bx+E199WN8wyJf3geFHXdi3en9NbQPzf9X4jyrCkm TYggPu4OI/g= =V2Ro -----END PGP MESSAGE----- --==_Exmh_-1094945312P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message