On Tue, 11 Apr 2017 at 07:13:36 +0100
Klaus Ethgen <Klaus+dyne@???> wrote:

> > Am Mo den 10. Apr 2017 um 22:09 schrieb Alessandro Selli:
> > You still should use sudo, with a password - the user's own password.
> > Using root password many times, every day, is bad for security (the more
> > times you type it the higher the chances are it will be captured)
>
> That is a common misunderstanding.
>
> If you have (like many people) have your account allowed to do
> everything with sudo, than it doesn't matter if you have to type the
> root password or your own. If a attacker can get hand on one of that
> two, he can use it.

Setting up sudo to allow an unprivileged account to perform any action with
superuser privileges with no password is bad security practice, and I never
supported or argued in it's favor.
Assuming that the fact that sudo could be misconfigured and abused is a
valid point against it's use is the same as stating that ssh certificates
could be generated with weak hashes and protected by poorly chosen
passphrases, and that it should for this reason not be used.

> Moreover, it raises the attack vector from one password to two.

I argued against the assertion by Rick Moen that sudo constitutes "a proxy
for the root password", while I was advocating it's use as a way to avoid
completely any use of the superuser password, thus preventing it from been
exposed.
One cannot avoid using at least once his own password at the start of the
session, so this password cannot be completely secured when operating in an
open or unprotected environment. If need arises to perform, in that same
environment, a task that requires root privileges, then sudo is the easiest
way to perform that task without exposing the superuser's password at all.

> That stupid use of sudo (That was initialize introduced by ubuntu)
> should have an end.

The fact that some stupid people configure useful tools in a stupid way
does not prove that those tools are bad. It only proves that there are
stupid people. And I do know there are way more people who chose ease of use
to security: this is not a good reason because I forgo using the right tools
the right way.
Taking the bad practices of Ubuntu as a reason to do away with sudo
entirely is stupid, too. It's like stating that PAM should be eradicated
from any GNU/Linux distribution because some stupid folk staffed /etc/pam.d/*
files with lines like:

password sufficient pam_unix.so nullok minlen=0

> Another think is if (or not) you should allow login as root via password
> at all.

Locally yes, of course, over selected secure terminals. Not over the
network, for sure.

> Regards
>    Klaus
> - -- 
> Klaus Ethgen                                       http://www.ethgen.ch/
> pub  4096R/4E20AF1C 2011-05-16            Klaus Ethgen <Klaus@???>
> Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C

> > _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng



--
Alessandro Selli http://alessandro.route-add.net
VOIP SIP: dhatarattha@???
Chiavi PGP/GPG keys: B7FD89FD, 4A904FD9