Friday, July 18, 2008

sudo bash > /dev/evil

Today I sat down with one of my team while he logged into a linux server to perform some administration tasks.

After ssh'ing to the machine, the first command entered was:

# sudo bash


Most of the time when we log into a remote server we are intending to perform admin tasks, but not every command needs to be executed as root. Executing "sudo bash" defeats the whole purpose of using sudo to begin with.

Sudo helps provide elevated privileges to multiple users of a machine. I don't want to limit the sudo rights on these machines as they are development and integration machines and many services are experimented with, configured, stopped, started, and generally played around with. I just want the team to treat root with respect.

Am I being picky about this?

What do you think?