[sudo-users] How does sudo improve security.

mlh at zipworld.com.au mlh at zipworld.com.au
Sat Apr 9 19:16:28 EDT 2005

On Sat, Apr 09, 2005 at 12:48:19PM -0700, David Thiel wrote:
> It may sound silly, but one thing I've wanted from sudo is the ability
> to actually prompt for the root password(or some other password, for
> that matter),

Yeah, I think that would not be a bad idea.  But definitely not
the root password.

Perhaps a shared password which is changed monthly.

But how much does it slow the cracker down?

If the account is compromised, the cracker can install a trojan
in ~/bin and thence discover both passwords.

Could be worth it though.  You'd have to compare the cost/
convenience against something like securid or one of the 
many other auth schemes that sudo supports.


More information about the sudo-users mailing list