[sudo-users] sudo remove -s and -i option

Shawn McMahon syberghost at gmail.com
Tue Aug 22 08:33:29 MDT 2017


It's not that it's MORE effective, it's that what you've done is absolutely
zero effectiveness. It does literally nothing to improve your security.

At best, it causes a momentary annoyance for your users, requiring them to
work around you to accomplish something you haven't prohibited, you've only
made slightly more difficult. Very slightly, in this case, since you
haven't even prevented the most common method of getting a shell; you've
prevented the second or third most common method, and left an infinite
number of others.

At worst, you've actually decreased your system security:

- Package manager detection of package integrity is defeated because you've
  changed a file (unless you created a package and installed it).
- You've made no positive change to system security but convinced yourself
  you have made it more secure; this is called a false sense of security and
  it's the root of all evil (except those caused by premature optimization).
- You've created a tiny speedbump for users and called it security, which
  tends to cause them to view "security" as something designed to make their
  job more difficult, not something designed to protect them from harm.

It's not that allowing explicit commands is "more effective", it's that
it's effective; what you did isn't. Not even a little. It was probably good
practice for compiling sudo, but unless you built a package, it was
probably good practice at bad habits.

Sometimes the fact that something is easier is a danger sign, not an
invitation.


On Tue, Aug 22, 2017 at 5:35 AM, Goodman Leung <gbcbooksmj at gmail.com> wrote:

> Yes, I agree with you,
>
> only allowing explicit commands is more effective, but it is not easy to
> do on a running business system.
>
>
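
An added illustration of the point argued in this thread (not code from either poster or from the sudo project): a sudoers rule whose command list is `ALL`, or that names a shell, hands out a root shell whether or not `-s` and `-i` exist in the binary, so the policy is the thing to audit. The Python sketch below reads only a simplified subset of sudoers syntax; the sample policy, user names and function names are constructed for the example.

```python
import re

# Constructed sample policy (not taken from the thread).
SAMPLE = """\
Defaults env_reset
Cmnd_Alias WEB = /usr/sbin/service nginx reload, \\
                 /usr/sbin/service nginx status
alice   ALL=(ALL) ALL
%ops    ALL=(root) NOPASSWD: WEB
bob     ALL=(root) /bin/bash, /usr/sbin/service nginx reload
"""

SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "csh", "tcsh"}
ALIAS = re.compile(r"^Cmnd_Alias\s+(\w+)\s*=\s*(.*)$")
# user  host = (runas) commands   -- the (runas) part is optional
SPEC = re.compile(r"^(\S+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.*)$")
TAGS = re.compile(r"^(?:[A-Z_]+:\s*)+")  # NOPASSWD:, NOEXEC:, ...
SKIP = ("Defaults", "Cmnd_Alias", "User_Alias", "Host_Alias", "Runas_Alias")

def logical_lines(text):
    """Join backslash-continued lines; drop blank and comment lines."""
    for line in re.sub(r"\\\n\s*", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line

def audit(text):
    """Return (who, command, reason) for every rule that hands out a shell."""
    lines = list(logical_lines(text))
    aliases = {m.group(1): [c.strip() for c in m.group(2).split(",")]
               for m in map(ALIAS.match, lines) if m}
    findings = []
    for line in lines:
        m = None if line.startswith(SKIP) else SPEC.match(line)
        if not m:
            continue
        for item in m.group(2).split(","):
            item = TAGS.sub("", item.strip())
            for cmd in aliases.get(item, [item]):  # expand Cmnd_Alias names
                if cmd == "ALL":
                    findings.append((m.group(1), cmd, "any command, shells included"))
                elif cmd and cmd.split()[0].rsplit("/", 1)[-1] in SHELLS:
                    findings.append((m.group(1), cmd, "shell granted directly"))
    return findings

if __name__ == "__main__":
    for who, cmd, why in audit(SAMPLE):
        print(f"{who}: {cmd} ({why})")
```

On the constructed policy only the `alice` and `bob` rules are reported; the `%ops` rule, which lists explicit commands through an alias, is not.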

