Quote:
Originally Posted by b3r00tb4ck
the only command that should be run with sudo is 'sh' because theres only one password input, and no timeout, and you can do some work like you were in backtrack as root
|
If your only consideration in using sudo was to avoid annoyance then that would be a valid point, but sudo was designed to allow root privileges to be controlled with a greater level of granularity on *nix systems, and there are many other potential uses for it apart from running a shell. If you only want to use a root shell you may as well use su, or just log on as root - sudo only really becomes useful if you intend to use it for individual commands.
Only a week ago for example I wrote a script to output log files from a particular directory only accessible by root, and I allowed an unprivileged user sudo access to that script. This allowed me to grant direct access to these logs to a user without having to give root access to the system (assuming my script doesn't get modified and holds up against command injection).
Quote:
Originally Posted by Virchanza
Just to clarify, what I meant by "sudo password" is the password you get prompted to enter in when you execute the "sudo" command. As you've said, this password is the password for the user account you're currently using (unless you've got a weird sudoers configuration).
|
Its still a rather confusing way to refer to the password. Its like calling the password you use to log on to a system by ssh your "ssh password". Calling it by a different name makes people think that its distinct from your regular user password, when it isn't.
11-03-2009, 01:00 AM
Linear Mode
