Author: Sean Gibbins Date: To: stephen.davies, Hampshire LUG Discussion List CC: Subject: Re: [Hampshire] Result of the Ubuntu Challenge
Stephen Davies wrote: >
> One more point that irritates me (Apart from the awful orange on black
> default colour scheme) is the relative insecurity of Ubuntu when
> compared to RedHat based distros***. I have finally got my head around
> at least a few of the features of Selinux and now think it is a great
> security feature. Also, using SUDO is IMHO an very insecure thing. I
> like to lock down root and use long passwords (As John Lewis commented ).
> Ubuntu (OOTB) locks out the root used from logging in. It should in my
> opinion be an install option. I (much to the chagrin of some people)
> do login from the console as root to do initial setup and also product
> installs of things like Websphere App Server etc. Other than that, I
> do 'su' to root as needed. I never use sudo at all. If I really want
> to lock down a system, i remove sudo completely. At one place I worked
> recently, if an employee was found using sudo, they were in deep dodo
> with their boss.
Hi Steve,
Care to explain why you, and, if you don't mind speaking on behalf of
someone else, your former employer consider sudo so insecure?
As I recall this one has been done to death in the past and I have yet
to see a strong argument to support your case. I am genuinely struggling
to see the difference between me setting up a root password on a Fedora
box, then a user account/password and then using su, or setting up a
user account that has the right to automatically su to root when
required on Ubuntu. It's not as if every Ubuntu user gets this level of
access by default, after all.
> This is my way of working rather than a direct crit of Ubuntu. As is
> often said, with FOSS you have choice and this is what makes it great.
