1, The "sudo" command can be executed with root privileges without entering the root password, but if you think about it carefully, you can do various things without logging in as root, so it makes a lot of sense. Isn't it?
2, After a little research, it says that the command that can be executed is assigned by visudo, but do you usually specify a folder with a folder name such as / usr /? Where are the commands that can destroy your system?
Is it correct to recognize 1 and 2? I'm not sure how system administrators manage users, so it's not clear to me if I wonder if that's the case. So I would like an explanation, but thank you.
–Requires user password instead of
root decides whether to allow
–Everything you do / try to do with
sudo is logged
su is a substitute user user substitution, the situation is different from the above.
–Need to know the
–Cannot forbid someone who knows the
root password to
–The one you want to do after
su (no log remains)
Since "system devices are just files" on UNIX, you can destroy the system with any command. That's natural with
rm , and it is possible to destroy the system with
dd or even
cat . Once a knowledgeable person gets the authority, you can do whatever you want from the inside, and if you want to do sabotage, you can not stop with
sudo . In that sense
――It is out of the question to tell the
root password, whether it is an attacker or a well-meaning user.
–Do not give
sudo privileges to potential attackers
–It is not possible to prevent an incompetent ally who is not a malicious attacker from inadvertently breaking the system–but in the first place, such an incompetent ally must be given
――If it is
sudo , the difference around the log remains is large, and it is certain that
sudo is safer.
# It's easy to clear the system with the log if you have permission …