Sudo versus root
Mar. 22nd, 2006 07:50 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
sawylWhile the case for sudo-vs-root is slightly different for large, multi-admin systems, but this article is vaguely interesting, not so much for what it says as the thoughts it provokes.
I suppose the main point of using sudo in a production environment isn't so much security as CYA: sudo generates a nice audit trail of events, giving you proof that your minor change wasn't the one the screwed the system. Of course there's still the problem of people just starting root shells and bypassing the audit trail that way, but that can be easily dealt with by coming down like the wrath of God on anyone who breaks the rules. After all, what's the point in having a security policy if it's casually violated?
I suppose the main point of using sudo in a production environment isn't so much security as CYA: sudo generates a nice audit trail of events, giving you proof that your minor change wasn't the one the screwed the system. Of course there's still the problem of people just starting root shells and bypassing the audit trail that way, but that can be easily dealt with by coming down like the wrath of God on anyone who breaks the rules. After all, what's the point in having a security policy if it's casually violated?
