Results 1 to 9 of 9

Thread: Can I get rid of sudo?

  1. #1
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Can I get rid of sudo?

    In the light of the recent security problem discovered: can one get rid of sudo (I never use the sudo command) and I have the feeling that is a bit like samba, if you do not use it, it is better not to have set it up at all for usage.
    The question is serious, what application would be influenced by sudo? Would it be possible to implement them without sudo?
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

  2. #2

    Default Re: Can I get rid of sudo?

    stakanov wrote:
    > In the light of the' recent security problem'
    > (http://www.sudo.ws/sudo/alerts/sudo_debug.html) discovered: can one get
    > rid of sudo (I never use the sudo command) and I have the feeling that
    > is a bit like samba, if you do not use it, it is better not to have set
    > it up at all for usage.
    > The question is serious, what application would be influenced by sudo?
    > Would it be possible to implement them without sudo?


    That's a pretty open-ended question and unlikely to get a complete
    answer. I guess the simple thing to do is to rename sudo to something
    else and see what breaks. I don't use sudo much myself, but I guess that
    you can also rewrite the sudoers file to stop people using it.

    But surely there'll be an update to fix this hole? Or you could
    recompile it yourself. Far easier IMHO than trying to anticipate the law
    of unintended consequences.

  3. #3
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Re: Can I get rid of sudo?

    Quote Originally Posted by djh-novell View Post
    stakanov wrote:
    > In the light of the' recent security problem'
    > (Sudo format string vulnerability) discovered: can one get
    > rid of sudo (I never use the sudo command) and I have the feeling that
    > is a bit like samba, if you do not use it, it is better not to have set
    > it up at all for usage.
    > The question is serious, what application would be influenced by sudo?
    > Would it be possible to implement them without sudo?


    That's a pretty open-ended question and unlikely to get a complete
    answer. I guess the simple thing to do is to rename sudo to something
    else and see what breaks. I don't use sudo much myself, but I guess that
    you can also rewrite the sudoers file to stop people using it.

    But surely there'll be an update to fix this hole? Or you could
    recompile it yourself. Far easier IMHO than trying to anticipate the law
    of unintended consequences.
    Actually, I agree that probably it is easier not to go the road of "let's see what's coming down". But by reading the man pages of sudo, the thing gets interesting I guess as a principal question for openSUSE. SUDO takes note of SUDOers using it by syslogd.
    Now I can be wrong, but I recall if you use systemd the usual syslog function does not work reliable any more. At least for what I recall. So a part from the fact that I do not use it, if the latter statement is correct, this will get also an issue? Just asking for the sake of informing myself. Maybe this is not the case and I did misunderstand this bit. But for sure I could try to change the sudoers file.
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

  4. #4
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,982

    Default Re: Can I get rid of sudo?

    sudo is just a simple program. It is however setuid root. That means that every user that calls it has root priviliges during the exeution of that sudo process. Now we all trust (and believe me it is checked and tested by many) that it only used it's configuration file to check if that what is asked to execute as root is allowed as such (with or without password checking). And then it does start that task as root.

    When you are the only user of a system and you do not like it: do not use it.

    When you are not the only one, I guess the best thing to do is use it's configuration file sudoers to not allow anybody anything. The default sudoers looks pretty save to me because it is configured to allways ask for the password. This is of course the same as good old su does.

    Removing the suid bit or the file does not seem a good solution to me. It is something that must be checked (and repeated) after every update/upgrade again to be sure it is not undone by an install action.
    Henk van Velden

  5. #5
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Can I get rid of sudo?

    On 2012-01-31 12:36, stakanov wrote:
    > Now I can be wrong, but I recall if you use systemd the usual syslog
    > function does not work reliable any more.


    Huh? Do you have data on this?

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  6. #6
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Can I get rid of sudo?

    On 2012-01-31 12:56, hcvv wrote:

    > When you are not the only one, I guess the best thing to do is use it's
    > configuration file -sudoers- to not allow anybody anything. The default
    > -sudoers- looks pretty save to me because it is configured to allways
    > ask for the password. This is of course the same as good old -su- does.


    The default configuration of sudo is intended *not* to be used. As simple
    as that. You are supposed to change the configuration and disallow that
    configuration, so that you have to use your own password, and can only use
    sudo to call the listed programs, not any program the user wants.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  7. #7
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Can I get rid of sudo?

    On 2012-01-31 12:06, Dave Howorth wrote:

    > That's a pretty open-ended question and unlikely to get a complete
    > answer. I guess the simple thing to do is to rename sudo to something
    > else and see what breaks. I don't use sudo much myself, but I guess that
    > you can also rewrite the sudoers file to stop people using it.


    Removing sudo can not break anything else. That behavior would be a bug.
    Why? Because once you configure sudo as intended (which almost nobody does)
    then sudo stops working for unlisted commands. You can not expect to do
    "sudo something" and expect it to work, unless you explicitly enter that
    "something" in the configuration.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  8. #8
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,982

    Default Re: Can I get rid of sudo?

    Quote Originally Posted by robin_listas View Post
    On 2012-01-31 12:56, hcvv wrote:

    > When you are not the only one, I guess the best thing to do is use it's
    > configuration file -sudoers- to not allow anybody anything. The default
    > -sudoers- looks pretty save to me because it is configured to allways
    > ask for the password. This is of course the same as good old -su- does.


    The default configuration of sudo is intended *not* to be used. As simple
    as that. You are supposed to change the configuration and disallow that
    configuration, so that you have to use your own password, and can only use
    sudo to call the listed programs, not any program the user wants.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)
    I am not sure I understand you here.

    I never did anything to sudoers (do not use sudo) and this is on my sysem:
    Code:
    henk@boven:~> sudo ls
    root's password:
    bin      Documents  Fotos         logs  milweb  qlgt.db  sss
    Desktop  Downloads  kaddressbook  Mail  Muziek  ripper   uitzending
    henk@boven:~>
    That means that it asks for the root password for everything I ask it to do as root, even a mere ls in my home directory.
    Thus it offers no more then a simple:
    Code:
    henk@boven:~> su -c ls
    Wachtwoord: 
    bin      Documents  Fotos         logs  milweb  qlgt.db  sss
    Desktop  Downloads  kaddressbook  Mail  Muziek  ripper   uitzending
    henk@boven:~>
    and has the same security. Which is a good default IMHO.
    Henk van Velden

  9. #9
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Re: Can I get rid of sudo?

    Quote Originally Posted by robin_listas View Post
    On 2012-01-31 12:36, stakanov wrote:
    > Now I can be wrong, but I recall if you use systemd the usual syslog
    > function does not work reliable any more.


    Huh? Do you have data on this?

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)
    No Carlos, you are right and I was actually wrong. It is the other way round, I messed it up in my recall, it actually works better. I mixed that up with the proposal of substituting syslog right away.
    As I did write, I was very unsure of what I recalled. So no problem with sudo. But thanks for reminding me to look it up, so the "brain error" was corrected.
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •