[Novalug] GUI root

Peter Larsen peter@peterlarsen.org
Thu May 28 18:39:03 EDT 2015


On 05/28/2015 03:33 PM, John Covici via Novalug wrote:
> I wonder, is sudo more of a security risk than using su?  I have always
> thought that if you use su, you need another password so that is safer.

If you just use "sudo" with a single rule that says "everyone in wheel
can do anything they want" then yeah, except for getting some logging
it's pretty much the same. But the thing is, that sudo is a lot better
than that. You can give specific access to specific features to specific
users. So a backup user can only do backup, a web admin can only
start/stop the web-server as root etc. - su doesn't allow for any
granularity - you either have root and can do everything or you don't.

Polkit is the same way - it's more selective meaning you can give some
users access to a portion of privileged features instead of giving them
access to everything.

-- 
Regards
  Peter Larsen




More information about the Novalug mailing list