Managing Root Access

195

sudo

To allow more control over the privileges available to normal users, Debian

provides the sudo command. This utility allows a specified user to execute

commands as the root account. The users who may use sudo, and the pro 

grams they may have root privilege for, are specified in the file /etc/sudoers.

The amount of access that can be given to a particular user account ranges

from ALL, which is equivalent to su, down to allowing only a single command

to be executed as root.

Beside the finer granularity of the permissions provided, sudo also has the

advantage of not requiring the root password. To invoke sudo, the user only

supplies their own password, leaving account security in the hands of the

person responsible for that account. So, to give fred the ability to shut down

the system, the entry in /etc/sudoers would look like:

fred /sbin/shutdown  [rh] now

In this way, a large variety of capabilities can be given to trusted users without

compromising the root password. Since sudo can be used to give a user full

root privilege, it is a potential avenue for a security breach if that user account

password is compromised. Hence, it is advised that only those commands that

absolutely must be provided are entered into /etc/sudoers, providing maximum

functionality, with minimal security risk.

Obviously security is of varying importance, depending upon what the system

is being used to accomplish. This does not mean that there are times when

system security can be ignored. Even a system that is completely disconnected

from a network can be subject to a security breach. Most of the security

measures of interest have to do with protecting users from making mistakes

with files that do not belong to them. This keeps Joe from accidentally deleting

any of Fred's files, and both of them from accidentally deleting important

system files.