On Thu, 1 Dec 2005 09:24:28 -0600 Dave Sherohman wrote: > sudo is great for tracking who does what as root and for preventing > yourself from accidentally doing something with greater powers than > intended, but it can very easily be counterproductive if your intent > is to increase resistance to unauthorized access.
The sudo/wheel approach is also a handy one when you want to update the root password regularly, but you do not want to tell it to everyone. Say you work in an heterogenous enterprise with lots of admins having their unix workstation. They need root permissions on their desktop machine, but you do not want to distribute the root password (lacking the encrypted channel to reach everyone for example). Then you can add them to the wheel group and give them a root shell that way. Meanwhile you can update the root password without any problem. Ubuntu follows this road a bit further by setting a random root password nobody actually knows. This seems consequent to me. But having to explain to my boss why i do not know the root password of our linux workstations did not seem that attractive. regs, Christian Folini -- Christian Folini - mailto:[EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
