Hi all,
I was just crious to know your thoughts about sudo i.e. does it really enhance security or do you feel that it doesn't provide with much security as Ubuntu folks think And also post your personal experiences of using sudo and your first thoughts about it and any suggestions to improve sudo mechanism(specially from Ubuntu point of view).
Regards,
Tayyab
PS: Sorry for the typo in the title and problem is that I can't correct it also.
sudo does not enhance security. Remove sudo and you will have a more secure system. But if you want to give a non-root user the power to run a few commands as root, sudo is a way to do that. sudo is open source and it has been around for quite a while. Lots of very smart people have inspected it for problems. There don't seem to be any surprises lurking in it. sudo is configurable and it can easily be misconfigured. So I trust sudo but I trust a system with sudo in use only after I inspect the configuration. One better approach is to not need sudo or anything like it. Need a command run as root? Contact an SA. Need to run a command as oracle? Contact a DBA.
An alternative is RBAC (role based access control). The NSA (National Security Agency) assembled a team to develop an RBAC system for Linux and actually posted the source code on the net. I believe that the required kernel changes have been roled into the latest linux kernel. Some distros support RBAC. I don't know a lot about RBAC. Not too many people do... it's rather new. It could certainly be misconfigured as well.
BTW, I fixed that typo.