Y
Hacker News
new
|
ask
|
show
|
jobs
by
hughesjj
725 days ago
...why not just su then?
2 comments
rpgwaiter
725 days ago
root would need a defined password, which opens up other security concerns
link
akira2501
725 days ago
Even if you allow passwordless su for users in the wheel group?
link
bdd8f1df777b
725 days ago
That's extremely dangerous. Any software running as a wheel user can escalate privileges willy nilly.
link
immibis
725 days ago
they can also access your ssh private keys
link
rascul
725 days ago
In theory, those ssh private keys are password protected.
In practice, maybe not.
link
ec109685
724 days ago
They were stored in the user’s yubikeys (or similar) in this example.
link
bogantech
725 days ago
If you do that you deserve what you get
link
djbusby
725 days ago
Do what!?
link
bobmcnamara
725 days ago
plzno
link
CaliforniaKarl
725 days ago
We've got root passwords set on, IIRC, all of our systems. They're long, random, and can only be entered through the console on the VGA port or the IPMI console.
link
lmz
724 days ago
su is also a suid binary, no? It is probably a lot less complex than sudo.
link