sudo and security

Todd C. Miller Todd.Miller at
Tue Jan 13 13:00:25 EST 2004

It's true that in the default configuration giving someone "sudo
all" means that you effectively equivalence the user's passwd to
root's passwd.  You can, however, configure sudo to prompt for the
target user's password instead of the invoking user's password with
a line like this at the top of /etc/sudoers:

    Defaults runaspw

You could do this on a per-user basis if you choose.  Of course,
if you give a user the root password, chances are that user could
login as root via a variety of methods and avoid using sudo.

This is somewhat academic since if you have a user using su to
change to root and that user's password is compromised it is trivial
for an attacker to sniff the tty while the user runs su or put a
trojaned su in the user's path that grabs the password.

 - todd

More information about the sudo-users mailing list