<quote who="Sridhar Dhanapalan"> > I think that's what I did on my system. I was unaware that Ubuntu is reliant > upon sudo instead of su, and I thought that my root password was set to be > the same as my user password. To change it, I used 'sudo passwd root', which > of course removed the sudo functionality and reverted my system to a more > traditional su setup.
Note that it didn't remove the sudo functionality, you've just set a root password, which unlocks the root account. I recommend using sudo all the time regardless of the status of your root account - but given that setup, it makes sense to relock your root account. > Is the sudo-type setup employed by Ubuntu the same as that used in Mac OS > X? Very similar, yes. > Also, are there any security implications of this? Doesn't it mean that in > a default setup, any local user can gain root access? Please correct me if > I'm wrong. Absolutely not. Have a look at /etc/sudoers to see the configuration. In warty, it gave full sudo access to the initial user created. In hoary, it gives full sudo access to members of the admin group (which the initial user is a member of). There is a FAQ about using sudo on the Ubuntu site (disconnected atm, so can't give you the URL), which discusses some of the security issues. It comes down to the fact that using sudo is highly recommended generally, we've just chosen to make that the default configuration. - Jeff -- linux.conf.au 2006: Dunedin, New Zealand http://linux.conf.au/ "I look forward to someday putting foo-colored ribbons on my homepage declaring 'port 25 is for spam', and 'just say no to the Spam Message Transmission Protocol!'" - Raph Levien -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
