One user, two passwords?
Derek Broughton
news at pointerstop.ca
Wed Sep 6 13:27:36 UTC 2006
Scott Kitterman wrote:
> Sorry. I can't let this pass....
>
> All the ways sudo may be more secure start out with a user doing something
> dumb. More resistant to users forgetting to exit the root account, but
> how is one password away from root access more secure than two passwords
> away from root access?
In a word, logging. There is no way to make any system that requires only
password access to the superuser harder to access than by giving it _some_
password. However, logging the access _is_ additional security.
su is not "two passwords away from root access". From inside your user
account, su or sudo are both exactly one password away.
--
derek
More information about the kubuntu-users
mailing list