sudo and security
Todd C. Miller
Todd.Miller at courtesan.com
Tue Jan 13 13:00:25 EST 2004
It's true that in the default configuration giving someone "sudo
all" means that you effectively make the user's passwd equivalent to
root's passwd. You can, however, configure sudo to prompt for the
target user's password instead of the invoking user's password with
a line like this at the top of /etc/sudoers:
Defaults runaspw
You could do this on a per-user basis if you choose. Of course,
if you give a user the root password, chances are that user could
log in as root via a variety of methods and avoid using sudo.
This is somewhat academic since if you have a user using su to
change to root and that user's password is compromised it is trivial
for an attacker to sniff the tty while the user runs su or put a
trojaned su in the user's path that grabs the password.
- todd
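Added example (not from Todd's message): a sudoers fragment showing the global form above next to the per-user form, using a constructed user name "alice" and the sudoers(5) syntax for per-user Defaults; check the result with `visudo -c` rather than editing /etc/sudoers directly.

```sudoers
# Global: every sudo user is prompted for the password of the
# runas_default user (root unless changed) instead of their own.
Defaults        runaspw

# Per-user alternative: only "alice" (constructed example name) is
# prompted for the runas_default user's password; everyone else keeps
# the default behaviour of authenticating with their own password.
Defaults:alice  runaspw

# Related options from sudoers(5), for comparison:
#   rootpw    - always prompt for root's password
#   targetpw  - prompt for the password of the user the command
#               will run as (the -u target), whoever that is
```

Because a user who knows root's password no longer gains anything from sudo's own audit trail, pair this setting with logging of successful sudo invocations so that use of the shared password is still recorded.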