[CentOS] server is always getting hacked
Michael A. Peters
mpeters at mac.com
Wed Jul 1 08:20:50 UTC 2009
Michael A. Peters wrote:
> Sander Snel wrote:
>
>> 10. use sudo instead of su -
>
> How does that help?
I still don't understand how using sudo instead of su makes it more secure.
If the user does not have the root password that the only danger to su -
is brute force from local account, but you can protect against that, and
the same issue exists with sudo.
With sudo, very often the password is same as the admin's password - so
if the admin account is brute forced the cracker then can use sudo to
gain root.
What would be a security enhancement would be to borrow the bsd su which
only allows you to su to root from a wheel group account.
I never understood why gnu su didn't implement that.
More information about the CentOS
mailing list