what is the difference between "tsu", "su" and "sudo"?
in [UK Linux]
|
From: JJ on 26 Sep 2009 00:19 Hi all I needed to ask a question about the Linux commands used for getting root access. The question is, what is the difference between "tsu", "su", and "sudo"? I am mainly interested about the "tsu" command regarding which there seems to be very little documentation. What is the benefit in using e.g. "tsu" rather than "su"? And are there other ones besides these 3? (If yes, any pointers to a website discussing all of them would be appreciated.) Thanks in advance,
From: Unruh on 26 Sep 2009 02:26 JJ <santa(a)temporaryinbox.com> writes: >Hi all >I needed to ask a question about the Linux commands used for getting >root access. >The question is, what is the difference between "tsu", "su", and >"sudo"? Never heard of tsu. Not on my system. >I am mainly interested about the "tsu" command regarding which there >seems to be very little documentation. So for something like securly logging in why in the world would you use something for which you can find no docs? You look up the barrel of guns to see if they are loaded while you pull the trigger as well? >What is the benefit in using e.g. "tsu" rather than "su"? For something like su, I would say there is no benefit. >And are there other ones besides these 3? (If yes, any pointers to a >website discussing all of them would be appreciated.) ???? What are you doing? There is a tool that is old, that has had a huge amount of research done on it, that has had its security tested for over a decade. And you want to use something that is unkown, is undocumented and seems untested? Note that sudo is very different from su. sudo is a program to allow a user to run one single program ( or set of programs) and to give individual users the permission to use only a small set of programs. su is to log on as another user even while remaining logged on as the original user. Some like Ubuntu feel that sudo is more secure, with no evidence for that. It has its place. >Thanks in advance,
From: Ian Northeast on 26 Sep 2009 05:03 On Fri, 25 Sep 2009 21:19:52 -0700, JJ wrote: > Hi all > > I needed to ask a question about the Linux commands used for getting root > access. > > The question is, what is the difference between "tsu", "su", and "sudo"? > > I am mainly interested about the "tsu" command regarding which there seems > to be very little documentation. > > What is the benefit in using e.g. "tsu" rather than "su"? > > And are there other ones besides these 3? (If yes, any pointers to a > website discussing all of them would be appreciated.) What is tsu? I have never heard of it and cannot find any reference to it. In what distribution have you found it? Su is the traditional tool for an administrator who knows the root password to gain temporary root access. Sudo is normally used to grant other users who do not know the root password the authority to execute certain defined commands with root authority. It can also be useful when writing automated scripts which need limited root authority. Ubuntu (and possibly other distros) use sudo as the primary means for an administrator to gain root access, which enables root to have no password set. I am not convinced that this aids security. There is also sux, found in many distros, which is like su but also passes on the X credentials, useful if you need to run anything graphical as root. You can write your own setuid programs (su and sudo are such; sux is just a script which calls su). You need to be very careful that you do not introduce any security vulnerabilities if you do so. Setuid scripts are not allowed. Regards, Ian
From: Martin Gregorie on 26 Sep 2009 12:34 On Sat, 26 Sep 2009 10:03:20 +0100, Ian Northeast wrote: > Su is the traditional tool for an administrator who knows the root > password to gain temporary root access. Sudo is normally used to grant > other users who do not know the root password the authority to execute > certain defined commands with root authority. It can also be useful when > writing automated scripts which need limited root authority. > > Ubuntu (and possibly other distros) use sudo as the primary means for an > administrator to gain root access, which enables root to have no > password set. I am not convinced that this aids security. > > There is also sux, found in many distros, which is like su but also > passes on the X credentials, useful if you need to run anything > graphical as root. > I found another just today - runuser. I'm not sure how useful this is but am mentioning it for completeness. It changes the effective user id and group id to that of 'USER'. There is no password prompt. If run as a non- root user without privilege to set user ID, the command will fail. Like bash and other shells you can use it to run a single command: $ runuser -l USER -c "command args..." so it can be useful for running commands under a different user: in Fedora 10 the init.d script that starts the PostgreSQL database uses it in preference to su and has a comment saying it must be used if SELinux is installed and running. As I have SELinux disabled, I find its more or less identical to: $ su -l USER -c "command args..." -- martin@ | Martin Gregorie gregorie. | Essex, UK org |
From: Wanna-Be Sys Admin on 26 Sep 2009 18:20 Unruh wrote: > ???? What are you doing? There is a tool that is old, that has had a > huge amount of research done on it, that has had its security tested > for over a decade. And you want to use something that is unkown, is > undocumented and seems untested? I've never heard of it either, and I often wonder why people tend to use such things. I've seen a lot of people over the years just drop using simple, secure, well tested, well documented tools/commands in lieu of "new fun/hyped" tool (for no good reason, people often have to learn now things (interfaces, languages, commands, output, bugs with it, etc.). Really annoying to see (and have to deal with at work), but people do it. -- Not really a wanna-be, but I don't know everything.
|
Next
|
Last
Pages: 1 2 Prev: Recommendations for eye candy distro Next: Map keyboard key to middle mouse button |