[X-Unix] Root Exploit via sudo

[William H. Magill]

On 07 Apr, 2005, at 15:43, Stephen Jonke wrote:
> The issue at hand is that on the Mac the default is for the user to be 
> an admin user. When you set up your Mac, you create an account, and 
> that account is an admin account. Linux generally isn't something your 
> Mom can set up on her own. A Mac is, and most users will not know that 
> the initial user account, which they'll use, is an admin account, nor 
> even what it means for an account to be an admin account. This is a 
> Mac issue because Mac OS X makes it easy for almost anyone to do it 
> and if it's going to do that, then it needs to go the extra mile for 
> such users. All that would mean is setting the mentioned settings by 
> default. That, to my mind, isn't too much to ask of Apple - unlike my 
> Mom, *they* should know better.

Your mom is not likely to ever even hear about sudo, let alone ever 
have an occasion to use it.

She is also more likely to power down her machine every day, killing 
off any lurking trojans.

sudo is a Unix thing, not a Mac thing.

It still takes a surprising amount of education beating folks over the 
head to convince "dumb users" to use sudo instead of su or logging in 
as root. There are probably far more Max OSX users who use su or enable 
the root login rather than use sudo.

There are also A LOT of people pushing Desktop Linux who will disagree 
with your Mom's ability to setup a Linux system.

T.T.F.N.
William H. Magill
# Beige G3 [Rev A motherboard - 300 MHz 768 Meg] OS X 10.2.8
# Flat-panel iMac (2.1) [800MHz - Super Drive - 768 Meg] OS X 10.3.8
# PWS433a [Alpha 21164 Rev 7.2 (EV56)- 64 Meg] Tru64 5.1a
# XP1000  [Alpha 21264-3 (EV6) - 256 meg] FreeBSD 5.3
# XP1000  [Alpha 21264-A (EV 6.7) - 384 meg] FreeBSD 5.3
magill at mcgillsociety.org
magill at acm.org
magill at mac.com
whmagill at gmail.com