On 9 Feb 2009, at 13:05, Heiko Wundram wrote:
... even when he gets access to one of
your user accounts (who happen to be in group wheel), he still has
to guess
the root password (when doing su -) to be able to become root, and
hopefully
this buys you the time to see in your logs that someone tried local
"su" with
invalid passwords, which should always be a high priority alert.
I have been using `sudo` over `su` for a long time because I felt it
reduces the risk of staying too long logged in as root, doing
something daft and damaging the system.
However I have now many times found myself typing `sudo` commands
automatically & sometimes inattentively, so that would seem to
undermine that argument.
Your point is very persuasive. I guess my remaining objection is that
I have my .bashrc & .bash_profile just the way I like them, and using
root would seem to require me to make any changes in two places.
Stroller.
