On Tue, Nov 15, 2005 at 04:08:52AM -0500, Ken Siersma wrote:
AFAIK, it has been standard practice for quite some time to not install sudo if you are concerned about security. I don't have it on my home system which has a direct connection to the internet, with good reason, or my firewall at work, which I installed a good 3 years ago.
Actually, the opposite is true. Sudo allows you to delegate specific commands to specific people if required. Otherwise, if they ever have to do anything that requires root permissions, they have to su to root.. now _that_ is a security hole! In fact, a really secure system is one that the admin _never_ su's to root on to run commands, but does everything via sudo. That way everything you (or anyone else using sudo) does can be controlled, and it's all logged. If you don't like the timed caching of the password, change the settings on your machines to make it more secure. It's in the man pages. -- Mike Marion-Unix SysAdmin/Staff Engineer-http://www.qualcomm.com Bart: "Why the crap do we have to go to church anyway?" Marge: "You just answered your own question with that commode mouth! Besides, you kids need to learn morals and decency, and how to love your fellow man." [cut to church] Reverend Lovejoy: "...and with flaming swords, the Aramites did pierce the eyes of their fellow man, and did feast on what flowed forth!" ==> Simpsons