[sudo-users] How does sudo improve security.
mlh at zipworld.com.au
mlh at zipworld.com.au
Sat Apr 9 19:16:28 EDT 2005
On Sat, Apr 09, 2005 at 12:48:19PM -0700, David Thiel wrote:
>
> It may sound silly, but one thing I've wanted from sudo is the ability
> to actually prompt for the root password(or some other password, for
> that matter),
Yeah, I think that would not be a bad idea. But definitely not
the root password.
Perhaps a shared password which is changed monthly.
But how much does it slow the cracker down?
If the account is compromised, the cracker can install a trojan
in ~/bin and thence discover both passwords.
Could be worth it though. You'd have to compare the cost/
convenience against something like securid or one of the
many other auth schemes that sudo supports.
Matt
More information about the sudo-users
mailing list