DSL boots by default to user dsl with sudo privileges but not direct root privileges. This is the proper, more secure way of running a Unix/Linux environment.
While I agree with your post as a whole, this one comment is something I don't fully agree with. It's my personal belief that the "proper" way to do it would be to require a root password for *any* root access. DSL makes it a little too easy for my own taste. I've made it a point to create both a dsl and root password, but still have not fully addressed this aspect of security to my liking. At some point I'll either modify sudoers (which is still a very confusing topic for me) or create a replacement script for the sudo command on top of my PATH (e.g., running "su -c $@" whenever sudo is called). For now, though, I have no idea how complicated it might be for applications like mydsl, which run in X but spawn scripts that use sudo, and haven't had the desire to experiment with it yet.Oh, let me clarify. I don't think DSL does it totally "right" (that's why I'm doing the hardening page), but at least DSL has separate users/permissions and doesn't log in as root by default (or SOLELY) as the other live CD distros I mentioned do. That's, IMO, inexcusable for anything that's set up to be installed (and Puppy and dyne both have installation scripts/instructions). I think sudo is a tolerable concession, albeit an imperfect one.
I share your concern. The hardening page I alluded to covers sudo. My own policy is to clear out sudoers and use su instead. I don't even have sudo set up on my BSDs or Slack installs, but it seems like every Debian-based distro I've used includes it by default.I had used sudo (or sux for X apps) + root password in Suse, which I think was the default way to use sudo in that distro. In Slackware I had originally tried to do the same as in Suse, but failed to properly configure sudoers. Somehow it ended up wanting the normal user's password rather than root's, which I thought was pointless. Anyway, in Slack I now just use su -c <command>, which does pretty much the same thing as Suse's sudo. Most X apps apparently don't work with this, but that's not a big deal.I don't have experience with Suse, but that seems odd. The password in Slackware is the proper way sudo works (user password rather than root). The man page for sudo says, "NOTE: in the default configuration this is the user's password, not the root password." (edit: add link below) http://www.gratisoft.us/sudo/man/sudo.html
The rationale is that it's to verify an actual user who's already been deemed competent enough to be included in sudoers. If it were tied to root password, it would basically be like using su. Which, like I said, I find preferable anyway.
(additional edit): I wouldn't think tying sudo to root password would be a good idea unless it's a single user system (and even then it's probably not a good idea). On a larger system where there might be many people with various levels of sudo privileges, you would want to verify them with their own passwords rather than doling out the root password to all (any!) of them.I didn't think about the added security of using your own password rather than root's. It's still password-protected, but this way allows the admin to limit your root usage. And it also explains why there is any point at all in using sudo rather than su. Smart.Next Page...
original here.