Ubuntu
sudo package

sudo superuser do to switch user do

Asked by aaparker@gmail.com

The main reason to use sudo is not giving the root password to everyone. That is ok, but it is much more dangerous to use sudo with only asking the user password. Any script that would leak can gain root access with just executing sudo command with the default timing options. Also, trying to guess a user password would be much easy with regards to root password. So, this makes someone in a situation in which using an account like root privilages although he thinks he is not, which can be more dangerous than one would expect to be the result of using sudo. Also, sudo can be configured to ask root pass instead of user pass. However this is not what it was designed for (Protecting the system from me, instead of protecting the system from other intruders, which is my point of view :)). So why not design a hyerarchical user privilage system who have more privilages than the normal user but less then root, and for administrative tasks, it would ask the user an administor group pass instead of root pass? Would not it make system security more robust and reliable? (It can be at least an option, in the graphic installation)...

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu sudo Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Delan Azabani (azabani) said : 		#1

"su" asks for the target user's password (usually root). "sudo" asks for yours. The only people who can switch to another user (or root) using their own password with sudo are the people listed in /etc/sudoers (please DON'T edit this file manually) - namely, people who are "Administrators" in users-admin.

Can you help with this problem?

Provide an answer of your own, or ask aaparker@gmail.com for more information if necessary.

To post a message you must log in.