Ubuntu user's report

Ken Moffat kmoffat
Sun Dec 19 17:00:24 PST 2004


Matthew Carpenter wrote:

>
> This is indeed more secure, not so much in the "got root" sense of
> WU-FTPD buffer Overflow attack as in the accountability sense.
>
> It shares security problems similar to the Wireless protocol WEP: Shared
> Key.  If all admins share the root password and someone does something
> nasty, the whole group is suspect.  Sudo, however, logs each command
> (along with the user who gave it) and allows granular control of access
> (eg. llama can do the command "/usr/bin/cdrecord" but nothing else).
> But if llama leaves the company and takes a position at a competitor's
> all the root passwords need not be changed immediately.  Simply
> disabling your account is good enough... and that can be managed in a
> central location like LDAP, NDS, or AD/Kerberos.
>
> Since sudo's default behavior is to prompt a user for their password
> (not root's) the first time each session (and timed intervals
> thereafter) simply getting access to a logged in administrator's session
> doesn't necessarily mean anything.
>
> Disabling the root account also stops brute-force attacks like we've
> been seeing a lot of through SSH of late.


This actually is the first explanation that I agree with. Thanks.
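
The accountability point in the quoted message, as an added example that is not part of the original thread: a short Python script that reads sudo's syslog entries and reports, per invoking user, which commands ran and which attempts sudo refused. The log lines, host name and the users other than llama are constructed sample data, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample lines in sudo's syslog format (host, users, commands are made up).
SAMPLE_LOG = """\
Dec 19 16:02:11 build1 sudo:    llama : TTY=pts/1 ; PWD=/home/llama ; USER=root ; COMMAND=/usr/bin/cdrecord -v image.iso
Dec 19 16:05:40 build1 sudo:    llama : command not allowed ; TTY=pts/1 ; PWD=/home/llama ; USER=root ; COMMAND=/bin/bash
Dec 19 16:09:02 build1 sudo:    alice : TTY=pts/2 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/vi /etc/hosts
Dec 19 16:12:30 build1 sudo:      bob : 3 incorrect password attempts ; TTY=pts/3 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/su -
Dec 19 16:13:00 build1 sshd[411]: Accepted password for alice from 192.0.2.7 port 40022 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssudo:\s+(?P<invoker>\S+) : (?P<rest>.*)$"
)

def parse_sudo_line(line):
    """Return a dict for one sudo log line, or None if the line is not from sudo."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # COMMAND is always the last field; split it off first because the
    # command line itself may contain " ; " or "=".
    head, _, command = m["rest"].partition(" ; COMMAND=")
    event = {"ts": m["ts"], "host": m["host"], "invoker": m["invoker"],
             "command": command, "status": "allowed"}
    for part in head.split(" ; "):
        key, sep, value = part.partition("=")
        if sep and key.isupper():
            event[key.lower()] = value      # tty, pwd, user (the target account)
        else:
            event["status"] = part          # e.g. "command not allowed"
    return event

def audit(log_text):
    """Group sudo events by invoking user: commands that ran vs. refused attempts."""
    report = defaultdict(lambda: {"ran": [], "refused": []})
    for line in log_text.splitlines():
        ev = parse_sudo_line(line)
        if ev is None:
            continue                        # not a sudo entry (e.g. sshd)
        bucket = "ran" if ev["status"] == "allowed" else "refused"
        report[ev["invoker"]][bucket].append((ev["ts"], ev["command"], ev["status"]))
    return dict(report)

if __name__ == "__main__":
    for user, events in sorted(audit(SAMPLE_LOG).items()):
        print(user, events)
```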




