Question: Question:
1, The "sudo" command can be executed with root privileges without entering the root password, but if you think about it carefully, you can do various things without logging in as root, so it makes a lot of sense. Isn't it?
2, After a little research, it says that the command that can be executed is assigned by visudo, but do you usually specify a folder with a folder name such as / usr /? Where are the commands that can destroy your system?
Is it correct to recognize 1 and 2? I'm not sure how system administrators manage users, so it's not clear to me if I wonder if that's the case. So I would like an explanation, but thank you.
Answer: Answer:
sudo is
–Requires user password instead of root password
–Administrator root decides whether to allow sudo
–Everything you do / try to do with sudo is logged
Since su is a substitute user user substitution, the situation is different from the above.
–Need to know the root password
–Cannot forbid someone who knows the root password to su
–The one you want to do after su (no log remains)
Since "system devices are just files" on UNIX, you can destroy the system with any command. That's natural with rm , and it is possible to destroy the system with dd or even cat . Once a knowledgeable person gets the authority, you can do whatever you want from the inside, and if you want to do sabotage, you can not stop with su or sudo . In that sense
――It is out of the question to tell the root password, whether it is an attacker or a well-meaning user.
–Do not give sudo privileges to potential attackers
–It is not possible to prevent an incompetent ally who is not a malicious attacker from inadvertently breaking the system–but in the first place, such an incompetent ally must be given sudo authority.
――If it is sudo , the difference around the log remains is large, and it is certain that sudo is safer.
# It's easy to clear the system with the log if you have permission …