OS X sudo vs. root Commentary
Over at Linux Box Admin, there's an article that compares the use of sudo versus the use of root under OS X. I'm not sure why an article like this is appearing on a primarily Linux-oriented site. Of course, Linux has the option of using sudo, and the sudo vs. root debate is a little older than OS X. My gripe is that the author misunderstands the issue.
While Apple is happy to tell you that OS X is Unix powered, OS X tends to be its own animal. It certainly doesn't do everything like other Unix variants. It has its own ways and quirks, which is why the Linux Box Admin article does a disservice.
Basically, it comes down to something I've been saying for quite some time: don't run with an admin-level account. OS X is probably the best OS for a least-user-privilege setup.
At one point, the author asks, "Is there a way to make the sudo configuration more secure?" Well, sure, but altering the sudoers file to ask for the root password is not the way. The entire reason for sudo's existence is so you would have granular control over what users can run without handing out the root password!
A complaint is made that "if you execute sudo -s to start a root shell, the only thing that shows up in your system.log is [a single line]. Every other command after starting a root shell does NOT get logged at all." Right. So, if that's your fear, restrict users from getting a shell, and set up sudoers to allow them only the commands you wish them to run.
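One way to check a sudoers file for the two problems discussed above, as an added example that is not from this post or the article it answers: the script flags the `rootpw` option (sudo asks for the root password) and any rule that grants `ALL` or a shell. The sample files, the `helpdesk` user and the `MAINT` alias are constructed for illustration, and the parser is simplified.

```python
import re

# Constructed sample: admins may run anything, plus the root-password change.
WEAK = """\
Defaults rootpw
%admin ALL=(ALL) ALL
"""

# Constructed sample: hypothetical user "helpdesk" limited to two commands.
RESTRICTED = """\
Cmnd_Alias MAINT = /usr/sbin/softwareupdate, \\
                   /sbin/reboot
helpdesk ALL=(root) MAINT
"""

SHELLS = {"sh", "bash", "zsh", "csh", "tcsh", "ksh", "su"}

def audit(text):
    """Return findings for one sudoers text (simplified; includes not followed)."""
    text = re.sub(r"\\\n\s*", " ", text)           # join continued lines
    findings, aliases = [], {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()         # drop comments
        if not line:
            continue
        if line.startswith("Defaults"):
            if re.search(r"(?<![!\w])rootpw\b", line):
                findings.append("rootpw: prompts for the shared root password")
            continue
        m = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.*)", line)
        if m:                                       # remember command aliases
            aliases[m.group(1)] = [c.strip() for c in m.group(2).split(",")]
            continue
        m = re.match(r"(\S+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.*)", line)
        if not m or re.match(r"\w+_Alias\b", line):
            continue
        # Strip tags such as NOPASSWD: and expand aliases before checking.
        who, cmds = m.group(1), re.sub(r"\b[A-Z_]+:\s*", "", m.group(2))
        for item in cmds.split(","):
            for cmd in aliases.get(item.strip(), [item.strip()]):
                if not cmd or cmd.startswith("!"):  # empty or negated entry
                    continue
                if cmd == "ALL":
                    findings.append(f"{who}: unrestricted (ALL), allows sudo -s")
                elif cmd.split()[0].rsplit("/", 1)[-1] in SHELLS:
                    findings.append(f"{who}: root shell via {cmd.split()[0]}")
    return findings

if __name__ == "__main__":
    print(audit(WEAK), audit(RESTRICTED))
```

Validate any real change with `visudo -c` before relying on it. An allow-list like `MAINT` also only holds if none of the listed commands can start a shell on their own.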
Normally, I don't use this space to comment on other articles. However, this article needed an answer to its misinformation, and it leaves no room for comments. The author is a Linux admin who is just starting to look at "Macintosh Through Linux Eyes." In reality, you can't do that: OS X is not Linux by a long shot.
Admittedly, this is all a slightly simplified view of the situation, but in short, for OS X, the default configuration is perfectly acceptable if you use a secondary (non-admin) account. OS X Server may require a little more configuration, but if you're running a server, I expect that you're learning or hiring someone to guide you.
(I will say, though, that I'm in complete agreement with the author's stance on certifications.)
