sudo doesn't work, I'm not in sudoers file, but I am.
Gene Heskett
gene.heskett at verizon.net
Sun Jan 13 04:38:53 UTC 2008
On Saturday 12 January 2008, Craig White wrote:
>On Sat, 2008-01-12 at 23:20 -0500, Gene Heskett wrote:
>> On Saturday 12 January 2008, Mike Williams wrote:
>> >On Jan 12, 2008 5:53 PM, Gene Heskett <gene.heskett at verizon.net> wrote:
>> >> >From the sudoers file:
>> >>
>> >> [...]
>> >> ## Allow root to run any commands anywhere
>> >> root ALL=(ALL) ALL
>> >> gene ALL=(ALL) ALL
>> >
>> >Sure looks okay to me. Note that you can also use:
>> >gene ALL=(ALL) NOPASSWD: ALL
>>
>> I'm not sure I'd want that. While this house is secure, and dd-wrt is
>> between this box and the net, I think that might be trusting things a wee
>> bit much.
>>
>> In fact, my password, while longer than most, is about half the length of
>> roots, which is so long its not usable with ssh or samba. For that
>> reason, I wouldn't mind being forced to use roots password to sudo. Is
>> that possible?
>
>----
>I'm thinking that doesn't make much sense. What would make more sense is
>that if you don't trust yourself (or your password, like others know
>your password), create another user, give that user sudo power and
>simply su to that user instead.
_I_ trust me, and the missus is computer illiterate, but someone who knows a
lot about me could probably find that pw given enough time. ISTR I had John
hammer on it for an hour or so a year back, so it isn't quite as easy as it
looks I guess. John The Ripper didn't find it in that time frame.
>There are some protections afforded to root that by default are not
>given to users (interactive rm for example) and vice versa. For that
>reason, I like to simply su to root when I need root privileges and stay
>as user when I don't.
I will keep that in mind, and have done so in the past when sudo didn't work.
>Craig
Thanks.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
C for yourself.
More information about the fedora-list
mailing list