sudo and security

Dan Rue drue at
Tue Jan 13 12:21:34 EST 2004


I am considering implementing sudo at my shop.  The problem is that I am
concerned that it will lead to a less secure environment, and was hoping
to get some feedback from the experts.  

We have an environment with 6 or so people with root privelages, on 10
or so servers.  Currently, rootly power is being overused, imho.  The
problem is that these rootly people are not going to be happy about
losing root.  So, at first, I will need to allow everyone to do
everything with sudo.  And, there will always be a couple (3-4) people
that will always need to be able to do everything.  

So, if you have people using sudo, but they have ALL privileges, it
seems less secure to me because then, they only need their password to
do rootly things - whereas before they needed at least an additional
password.  For instance, with our current setup, if someone's personal
password is compromised, and a malicious user was able to log into a
machine, they would still not have root access without further hacking.
However, with sudo enabled, the intruder would have immediate control of
the system.  

I understand the benefits of sudo what with logging and such - but if
a couple of people have full access I see it as less security, not more.
Am I wrong?

Thanks for any feedback, 

More information about the sudo-users mailing list