[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 20/12/13 16:58, Tremayne, Steve wrote:
Ubuntu installs with a "disabled" root user and a user that you created during install. That user is a member of the sudo user group so running commands with sudo will work for that user. If you add extra users, they can't do sudo unless you add them to the sudo group.OK, I've only recently caught up with the LUG emails and this one passed me by... I am aware that I don't understand "root" access completely, so if someone can give a succinct overview (or point me to the webpage I couldn't find after searching on t'interweb), then I would appreciate the chance to not fall in to a security problem in the future ... Just to clarify - I'm just looking to learn about the different reasons behind these approaches, rather than the specifics of Stinga's server problem Ok, so "root" is a user. Ok, understood. (Not quite sure where the "wheel" group comes in to this, but that's possibly a different topic) And "sudo" and "su" are commands to run a command as a different user..., i.e. root?? But *buntu's don't have a "root" user, so I'm getting hazy now... So, if your friendly hacker has found any user/password combo to gain access, surely they then just type "sudo <bad commands>" and they have exactly the same access level to the box? I believe that the reason for sudo was to allow a user access to specific commands at a privileged level (i.e. sudo apt-get update) but not others (sudo install rootkit)... So where does "su" come in to this? And (for a bonus point), why do some distros use one over the other? :o) I'm just trying to learn the fundamental security concepts here, so that I can understand the advice given to Stinga and make my home system more secure Thanks (& Happy Christmas!) Steve
By default su will not work on Ubuntu because the root user is "disabled". sudo passwd will enable root though (if you proceed and enter a new password).
Martin -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq