On Monday 18 October 2010 09:15 AM, James Mckenzie wrote: > su - exposes the root password and is generally discouraged. sudo > does not but exposes which users have this privilege. Logins > through unsecured means should be disabled or very closely > controlled. Most SAs now disable or remove unsecure login processes > at build time. > I am not sure how it is insecure, could you elaborate? At least to me giving (limited/full) root privileges to an ordinary user seems a lot more risky. The way I understand it if I have the following in my /etc/sudoers file, %<user_group> ALL=(ALL) ALL then there is no difference (other than the logging) between how the command is executed as compared to, $ su - Password: # <command> If my understanding is correct, I fail to see the source of the insecurity. > James McKenzie -- Suvayu Open source is the future. It sets us free. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
