Yes I agree with you that sudo is better than direct root acess. And on my system I don't allow remote root login anyway.
Given that /etc/sudoers is supposed to be read-only (444), this smacks of an insecure installation.
Yes the /etc/sudoers file was read-only, but my script does -
chmod u+w /etc/sudoers
... bits to modify my sudoers entry ...
chmod u-w /etc/sudoers
When I do a sudo make, *every* command inside the Makefile are automatically run with ROOT priviledges, so there is no secure system when I can do "sudo make". :)
(I know this is OT, but interesting to know and talk about. So one thing I never do is to give people sudo access on make)
| [reply] [d/l] |
Okay, then you're original statement (Roger thinks ssh->root is as secure/insecure as ssh->sudo.) is somewhat qualified. I can live with that. It was that statement that led to my original reply. They're not the same, and I think we've both made that clear.
The end. ;)
If things get any worse, I'll have to ask you to stop helping me.
| [reply] |