On Fri, Dec 02, 2005 at 08:34:02AM -0500, Claude Jones wrote: > This is getting at what I was trying to understand - This raises another > question. A constant suggestion I've read is to block root logins and use > sudo. If someone breaks in using my login/pw combo, what's to prevent them > from using sudo to get root privileges? If they've hacked my > username/password, then wouldn't sudo be the first thing they'd try, too? Sudo is a compromise between convenience and higher security. It's not as bad as you first think, though, provided you have a good solid password, because many security flaws grant access to an account *withuout* a password, so the attacker may not have that. Also, since failed sudo attempts are logged, a careful attacker may avoid trying it until a last resort, since if the compromised account *doesn't* have sudo access, the admins will be tipped off. -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/>
