Default sudo setup (Was: Re: The Future of Fedora.)
Gene C.
czar at czarc.net
Wed Dec 10 21:49:56 UTC 2003
On Wednesday 10 December 2003 11:16, Michael K. Johnson wrote:
> On Wed, Dec 10, 2003 at 10:07:43AM -0500, Nathan Fredrickson wrote:
> > Apple handles the root issue an interesting way in OSX. The root
> > account does not even allow logins by default unless you go to the
> > command line and set a password for it. "Admin users" of the system
> > instead get added to an admin group that has sudo privileges. Using
> > sudo instead of su means that the popup password dialogs expect the
> > user's own password instead of the root password.
> >
> > The overall effect of this setup is that the average user does not even
> > know that a root account exists and is simply asked for their password
> > when carrying out important tasks. This sort of scheme is familiar to
> > many users since it is similar to the way some websites like eBay or
> > Yahoo re-prompt for your password for important operations.
>
> That's definitely a useful idea and worth considering. I have felt
> for a long time that we need to streamline the local experience without
> destroying security; that's why I wrote pam_console.
>
> I think we'd want to do things differently -- using the wheel group
> instead of inventing another group, having a root password by default,
> prompting for root password for users not in the wheel group and for
> their own password for users in the wheel group, but certainly having
> a checkbox for "administrative privileges" when adding a user graphically
> and acting on that is worth discussion.
You Red Hat folks have been tightening security for at least a couple of
releases now and this is just one more level. This certainly sounds like a
good idea to me.
--
Gene