Given that /etc/sudoers is supposed to be read-only (444), this smacks of an insecure installation.
However, my point was not that sudo is perfection, only that it is far more preferable to allowing root access to ssh.
If things get any worse, I'll have to ask you to stop helping me.
| [reply] |
Yes I agree with you that sudo is better than direct root acess. And on my system I don't allow remote root login anyway.
Given that /etc/sudoers is supposed to be read-only (444), this smacks of an insecure installation.
Yes the /etc/sudoers file was read-only, but my script does -
chmod u+w /etc/sudoers
... bits to modify my sudoers entry ...
chmod u-w /etc/sudoers
When I do a sudo make, *every* command inside the Makefile are automatically run with ROOT priviledges, so there is no secure system when I can do "sudo make". :)
(I know this is OT, but interesting to know and talk about. So one thing I never do is to give people sudo access on make)
| [reply]
[d/l] |
Okay, then you're original statement (Roger thinks ssh->root is as secure/insecure as ssh->sudo.) is somewhat qualified. I can live with that. It was that statement that led to my original reply. They're not the same, and I think we've both made that clear.
The end. ;)
If things get any worse, I'll have to ask you to stop helping me.
| [reply] |