e2eiod at gmail.com
Sun Jun 8 08:17:21 CDT 2008
On Sat, Jun 7, 2008 at 1:14 PM, Geoff <geofff at w5omr.shacknet.nu> wrote:
> Don Crowder wrote:
>> Isn't "sudo" a Ubuntu thing? I've never used it it though I see it
>> mentioned a lot where *buntu is being discussed.
> it's a Linux thing, as SuSE recognizes 'sudo' as well.
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to unsubscribe
> Powered by Rackspace (www.rackspace.com)
True and now it seems to be everywhere...
Sudo was developed in reaction to the standard UNIX security model
where although some granularity is possible with group and file
permissions, delegating security is largely all or nothing. If a user
was designated an administrator this usually meant giving them access
to the root account's password. The problem with this model was that
it provided no accountability for actions taken on the system since
all actions were being executed under the auspices of one user
account. In summary, Sudo provides delegation and accountability.
Sudo for Windows (sudowin) attempts to fix the Microsoft Windows
security model by providing Sudo functionality to the Windows
operating system. This practical will explore the history of sudowin,
its implications on the world of Windows security, the complex design
of this project, and finally, how end-users may implement sudowin."
"Sudo for Windows (sudowin) allows authorized users to launch
processes with elevated privileges using their own passphrase. Unlike
the runas command, Sudo for Windows preserves the user's profile and
ownership of created objects."
Fascinating program. Wish I'd had the ability to write it.
Is anyone using sudo as part of Identity Management? Maybe AD or LDAP
takes care of privileged access better?
More information about the SATLUG