I am using a Red Hat Enterprise 5 Linux box. I find that if a user is in the /etc/sudoers file, then if the user runs a command with sudo, the user will run this command with root privilege (without knowing the root password; the user running sudo only needs to input the user's own password in order to run a command with sudo). Is that a correct understanding?
If yes, then is it a security hole? Since users other than root could run with root privilege?
Thanks in advance,
George
Best Answer
It is not a security hole, at least no more than su is. sudo is just a way for an administrator to have quick root access without using a root shell (which can be dangerous).
sudo just requires the user to enter his own password and will indeed give him root access (try $ sudo whoami). However, not everyone should be in the /etc/sudoers file.
If you take a look at the sudo manpage, you'll find how to limit sudo to some simple commands.
You can, for instance, only allow the user bob to execute $ sudo poweroff without allowing him to do $ sudo cat /etc/shadow.
So no, it's not a security hole if you configure and use it correctly. If you don't want your users to have a root shell, think of forbidding commands like $ sudo su.
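As an added example (not part of the original answer), the following audit sketch reads sudoers-style rules and reports which users effectively hold full root, which is the distinction the answer draws between a grant limited to poweroff and an unrestricted one. The sample rules, user names other than bob, alias names and paths are constructed, and the parser only handles simple one-line rules; the deny-list finding reflects the sudoers manual's note that subtracting commands from ALL with "!" is generally not effective.

```python
import os
import re

# Constructed sample sudoers content (not from the original page).
SAMPLE = """\
Cmnd_Alias POWER  = /sbin/poweroff, /sbin/reboot
Cmnd_Alias SHELLS = /bin/su, /bin/bash
root   ALL=(ALL) ALL
alice  ALL=(ALL) ALL
bob    ALL=(root) POWER
carol  ALL=(root) /bin/su
dave   ALL=(root) ALL, !SHELLS
"""

# Commands that hand the caller an interactive root shell.
SHELL_LIKE = {"su", "sh", "bash", "csh", "ksh", "zsh", "sudo"}

def audit(text):
    """Return {user: [findings]} for simple 'user host=(runas) cmds' rules."""
    aliases, findings = {}, {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # naive comment stripping
        alias = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", line)
        if alias:
            aliases[alias.group(1)] = [c.strip() for c in alias.group(2).split(",")]
            continue
        rule = re.match(r"(\S+)\s+[^\s=]+\s*=\s*(?:\([^)]*\)\s*)?(.+)", line)
        if not rule or rule.group(1) in ("root", "Defaults") \
                or rule.group(1).endswith("_Alias"):
            continue
        notes = []
        for entry in filter(None, (e.strip() for e in rule.group(2).split(","))):
            entry = re.sub(r"^(?:[A-Z]+:\s*)+", "", entry)   # drop tags like NOPASSWD:
            if entry.startswith("!"):
                notes.append("deny-list entry %s does not reliably restrict ALL" % entry)
                continue
            for cmd in aliases.get(entry, [entry]):
                if cmd == "ALL":
                    notes.append("any command as root (ALL)")
                elif os.path.basename(cmd.split()[0]) in SHELL_LIKE:
                    notes.append("root shell via " + cmd)
        if notes:
            findings[rule.group(1)] = notes
    return findings

if __name__ == "__main__":
    for user, notes in sorted(audit(SAMPLE).items()):
        print(user, "->", "; ".join(notes))
```

Only bob's rule, which lists specific commands, comes back clean; that allow-list form is the one to prefer over trying to forbid individual commands.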