[clug] .bash_aliases and .bashrc (now the history of sudo? next is vi vs. emac)

Scott Ferguson scott.ferguson.clug at gmail.com
Sat Oct 18 22:17:55 MDT 2014 

Steve - did I earlier comment about not wanting to get into a sudo vs.
su -c debate?
:)
:D

I was, obliquely, referring to the wide-spread phenomenon of sudo being
uses with the NOPASSWD option. A sort of Eternal September thing,
sometimes associated with the introduction of a populist distro - with
both good and bad results (the balance of which I'm unsure of).

[bitter text='get off my lawn']
[*1] originally aimed at providing a low-end requirement OS for those
who couldn't afford a modern computer - but soon morphed into a distro
tailored for more modern computers, that offered a Windoof-like ease of
"be your own sys-admin without study" and all the much touted programs
for the underprivileged local to the point of original project - were
greatly scaled back. Sadly the original "ask and we'll post free"
program had to end because the great majority of requesters lived in the
most affluent parts of the world (of which I'm guilty).
[/bitter]


On 19/10/14 11:28, steve jenkin wrote:
> 
> On 19 Oct 2014, at 10:14 am, Scott Ferguson
> <scott.ferguson.clug at gmail.com> wrote:
> 
>>> . (This is no coincidence. In fact, this was the very reason for
>>> introduction of sudo command).
>> 
>> Um, that's one explanation for it's use.
> 
> 
> Evi Nemeth of Colorado Uni used to run a Systems Admin course. [hence
> the book]
> 
> Students were let loose running the schools’ computers. ‘sudo’ was
> their solution - it allows very fine-grained control over commands
> _and_ hosts, or groups of them. [note they picked it up and improved
> it]

It's one of several ways of allowing very fine-grained control over
commands and hosts, or groups of them. They all have circumstantial
strengths and weaknesses - and can be made to shoot foot.

> 
> This obit for her gives a long history of sudo’s history. 
> <http://everythingsysadmin.com/2013/07/the-woman-that-saved-sudo.html>

Hmmm. You'll note the article is written by a student of that class.
Many of us learnt Unix from BSD documentation... where it was in use
*before* it was capable of running on other OS (1994). Not to dismiss
Evi's influence, only to put it into context. I recall reading the
USENIX lists about sudo, at a time when Evi was also, as were many
others - and most of us passed that information into our workplaces.

A brief time line of sudo (from various sources):-
;currently maintained by Todd C. Miller (OpenBSD)

;"around 1980", conceived and implemented by Bob Coggeshall and Cliff
Spencer 1980 at the Department of Computer Science at SUNY/Buffalo.
It ran on a VAX-11/750 running 4.1BSD. An updated version, credited to
Phil Betchel, Cliff Spencer, Gretchen Phillips, John LoVerso and Don Gworek

;December of 1985, was posted to the net.sources Usenet newsgroup.

;1991, Dave Hieb and Jeff Nieusma wrote a new version of sudo with an
enhanced sudoers format under contract to a consulting firm called "The
Root Group". This version was later released under the GNU public license.

;1994, after maintaining sudo informally within CU-Boulder for some
time, Todd C. Miller made a public release of the *forked* "CU sudo"
(version 1.3) with bug fixes and support for more operating systems. The
"CU" was added to differentiate it from the "official" version from "The
Root Group".

;1995, a new parser for the sudoers file was contributed by Chris
Jepeway. The new parser was a proper grammar (unlike the old one) and
could work with both sudo and visudo (previously they had slightly
different parsers).

;1996, Todd, who had been maintaining sudo for several years in his
spare time, moved distribution of sudo from a CU-Boulder ftp site to his
domain, courtesan.com.

;1999, the "CU" prefix was dropped from the name since there had been no
formal release of sudo from "The Root Group" since 1991 (the original
authors now work elsewhere). As of version 1.6, Sudo no longer contains
any of the original "Root Group" code and is available under an
ISC-style license.

;2001, the sudo web site, ftp site and mailing lists were moved from
courtesan.com to the sudo.ws domain (sudo.org was already taken).

;2003, Nationwide Mutual Insurance Company contributed code written by
Aaron Spangler to store the sudoers data in LDAP. These changes were
incorporated into Sudo 1.6.8.

;2005, Todd rewrote the sudoers parser to better support the features
that had been added in the past ten years. This new parser removes some
limitations of the previous one, removes ordering constraints and adds
support for including multiple sudoers files.

;2010, Quest Software began sponsoring Sudo development by hiring Todd
to work on Sudo as part of his full-time job.

;2012, Dell acquired Quest Software and continues to sponsor Sudo
development.

Disclaimer: I'm not anti-sudo, I just don't use it myself. Not using
sudo != more secure. It's more complex than that - especially if you are
dealing with some else's problematic system.

> 
> -- Steve Jenkin, IT Systems and Design 0412 786 915 (+61 412 786
> 915) PO Box 48, Kippax ACT 2615, AUSTRALIA
> 
> mailto:sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
> 

Kind regards

--

"Linux used to be popular, now everybody uses it"

More information about the linux mailing list