Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Sudo makes me feel stupid some times...
New Posts  All Forums:Forum Nav:

Sudo makes me feel stupid some times... - Page 4

post #31 of 43
Quote:
Originally Posted by bomfunk View Post
I don't see how it is "obscure" in any way...
Quote:
Originally Posted by ch_123 View Post
It's useful to have an additional layer of security in case the password is compromised. The issue here is not that he questions the usefulness of the feature - but on the contrary he wants rid of it specifically so that people who are not meant to be root can become root. It's basically dumbing down the security for the sole reason of making it possible for an unauthorized user to get root on the machine. Maybe that was fine during his glory hacker days in MIT, but you'd think that an OS that is widely used by governments, banks, etc will not have a disdain for system administrators designed in the the basic OS tools (as he basically says out straight)
its obscure cause it adds a layer of security that can easily be abused.

most administrators i know a grade A morons, they would honestly think "oh i will give them sudo rights as wheel, they can't do anything dangerous then."

on paper sudo and wheel is a great idea...
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
post #32 of 43
sudo is effectively the same thing as the wheel group, except you don't need to know the root password to gain privileges on the system.

Quote:
its obscure cause it adds a layer of security that can easily be abused.
Any security can be abused. Why stop with getting rid of wheel?

Quote:
most administrators i know a grade A morons, they would honestly think "oh i will give them sudo rights as wheel, they can't do anything dangerous then."
You do realize that wheel is to do with getting access to su not sudo? So you need to know the root password in addition to being on the wheel group, and if the admin is giving out the root password to everyone, then no security is going to save the system.

Again, RMS removed the wheel group exactly so that users could take over the system. It's nothing to do with making the system more secure, it was to make the system more insecure

Quote:
The GNU project is about software freedom. If you are for software freedom in its fullest, you can't possibly support the concept of a wheel group. If you are willing to compromise, then of course you can support it. But supporting it would be hypocritical of Stallman and the GNU project. I completely understand his position, even if I don't necessarily agree with it (I'd need to think about it more to decide if I do or not).
That to me is the problem with the GNU project. It has aims that are not always compatible with what computer users and administrators need of a system. See also: "Why do you need working drivers when you can have FREEDOM?"
Daedalus
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II X4 955 Gigabyte MA78GM-UD2H Gainward 9600GT GS 4GB OCZ Platinum PC2-6400 
Hard DriveOSMonitorKeyboard
250GB Samsung P120S, 1TB Samsung F1 Window 7 64bit/Arch Linux Samsung 204B 20"/Dell 1701FP IBM Model F and others 
PowerCaseMouse
Corsair HX620 Lian-Li V350B Steelseries Ikari Laser 
  hide details  
Reply
Daedalus
(13 items)
 
  
CPUMotherboardGraphicsRAM
Phenom II X4 955 Gigabyte MA78GM-UD2H Gainward 9600GT GS 4GB OCZ Platinum PC2-6400 
Hard DriveOSMonitorKeyboard
250GB Samsung P120S, 1TB Samsung F1 Window 7 64bit/Arch Linux Samsung 204B 20"/Dell 1701FP IBM Model F and others 
PowerCaseMouse
Corsair HX620 Lian-Li V350B Steelseries Ikari Laser 
  hide details  
Reply
post #33 of 43
Quote:
Originally Posted by ch_123 View Post
That to me is the problem with the GNU project. It has aims that are not always compatible with what computer users and administrators need of a system.
Well that is a matter of perspective. As far as Stallman is concerned, it is exactly what the users need, but perhaps not the administrators. Remember that philosophy is involved here, not just technical details. If you don't agree with the GNU philosophy, then you can use something else, or modify it to meet your needs.

The main point behind what Stallman is saying is that nobody should have absolute power, not that a system needs to be insecure. If a sysadmin decided that a pay rise was needed and they locked everyone out of the system until they got that pay rise, there could be significant consequences for the business. Allowing any user to become root as long as they have the password means that the sysadmin's ability to hold the IT system for ransom is hamstrung.
Edited by randomizer - 2/22/11 at 3:27am
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #34 of 43
Thread Starter 
from my pov there really is no problem...

with an account that can sudo you can still get root access when needed, but by default everything you run does not have root access... this keeps security fairly tight as long as the user isnt a complete idiot... the same with being able to su you can always make user accounts that can basically do nothing... that way you can have your average user who cant su and cant sudo and you would just have to log in for a root session seperately or into a sudo user account if you needed to do any maintenence

it really comes down to how stupid is your system administrator for your network... if they give uneducated irresponsible users the ability to sudo or su... then ofc its a security risk... BUT if they limit people to the bare minimum of what they need to do on the system, you can keep your super user accounts with the ability to sudo and su to JUST the people who need to perform admin tasks on the system and end up keeping your security tight with all your lower level users who just need to do word processing and file management and stuff...

the problem being discussed really comes down to how lazy people can be in setting up security it doesnt matter what kind of security features are in place, if you are lazy in setting it up and dont take the time to do it right, you WILL have an unsecure system... sudo and su accounts are meant ONLY for administrators (or single user systems), it is basically the same as a root account except you run everything with lower level permissions by default leaving your system secure until you need those admin level permissions
Kinda meh now...
(13 items)
 
  
CPUMotherboardGraphicsRAM
PhII 940 BE asus M4N82 Deluxe 2x 8800gts(g92) 2x 1g ocz ddr2 1066 
Hard DriveOptical DriveOSMonitor
/dev/sd[abc] /dev/sr0 WinXP/Linux 22in acer 
PowerCaseMouseMouse Pad
950w rosewill timebomb Antec 900 (2small) Voodoo Deathadder (RED!) X-Trac Pads Ripper XL 
  hide details  
Reply
Kinda meh now...
(13 items)
 
  
CPUMotherboardGraphicsRAM
PhII 940 BE asus M4N82 Deluxe 2x 8800gts(g92) 2x 1g ocz ddr2 1066 
Hard DriveOptical DriveOSMonitor
/dev/sd[abc] /dev/sr0 WinXP/Linux 22in acer 
PowerCaseMouseMouse Pad
950w rosewill timebomb Antec 900 (2small) Voodoo Deathadder (RED!) X-Trac Pads Ripper XL 
  hide details  
Reply
post #35 of 43
Quote:
Originally Posted by ch_123 View Post
sudo is effectively the same thing as the wheel group, except you don't need to know the root password to gain privileges on the system.

Any security can be abused. Why stop with getting rid of wheel?

You do realize that wheel is to do with getting access to su not sudo? So you need to know the root password in addition to being on the wheel group, and if the admin is giving out the root password to everyone, then no security is going to save the system.

Again, RMS removed the wheel group exactly so that users could take over the system. It's nothing to do with making the system more secure, it was to make the system more insecure

That to me is the problem with the GNU project. It has aims that are not always compatible with what computer users and administrators need of a system. See also: "Why do you need working drivers when you can have FREEDOM?"
i've seen sudo and wheel abused a lot in my time, cause sysadmins are morons, thats why it will always be to me, a "security thru obscurity", it is added layers, that only work if they are setup correctly...which in most cases are not.

stalman is a lunatic, we've all known this for a long time. his concern might not have been cause of security, but mine definitely are.

but this is the beauty of GNU/FOSS, we don't have to adopt all views of stalman to be able to use the software

i don't subscribe to the 100% open, that GNU promotes (prolly why i will never use GNU/Herd if it ever comes out.)

Open-Source is not a religion, you don't not have to accept stalman as a prophet or the messiah to use the software. if i agreed a 100% with stalman, i wouldn't be using 90% of the software i use in linux (lots are propeitary, or use MIT licenses, or some other non-gpl free license.)

but then again, you have fanatics, who go beyond stalman's lunacy at times (people who take performance hits to continue to be a 100% gpl.) like not using nvidia proprietary drivers, or using binary blobs in the kernel, or using software that is OSS, but drastically inferior to a proprietary-software (paid or "free").

I'm thankful to GNU, GPL and OSS, but i'm not a 100% sold into it, about 60% sold into it. but i'm also not above buying a proprietary software, or donating money to my chosen distro or a project i use.

if anything i agree with about GNU/GPL/OSS, is freedom of choice.
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
post #36 of 43
I don't think there are any more fanatical people than Stallman. He uses a 9" netbook as his main PC because he was able to install a GPL BIOS replacement, which was near impossible on anything else. I admire his consistency, even if I don't agree with his views in their entirety. He doesn't compromise, and so it strengthens his position. It's got the Four Freedoms or he doesn't use it.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #37 of 43
is it a one laptop per child netbook? if it is, that dude is dedicated, or certifiable, then agian he is committed...but then again there is a fine line...
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
post #38 of 43
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #39 of 43
Quote:
Originally Posted by randomizer View Post
i've been trying to get one of those damn things for ages!

well on of these:

This

last time i called that number, the person told me i had to be in china or know a chinese citizen to have them order me one, and then have them send it to me.

MIPS is the future x86 is just keeping its place warm for now
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
post #40 of 43
Maybe you should ask Stallman how he managed to get one.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Linux, Unix
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Sudo makes me feel stupid some times...