Friday, March 04, 2011

What is the killer feature in Sudo 1.8?

Here's a link to an interview that Todd Miller did while he was at SCALE. I like Todd's response to this question:

What would you say is the killer feature of this new release?

Todd Miller:  The "killer feature" in sudo 1.8 is dynamically loaded modules.  This makes it possible for third parties to write sudo plugins that implement custom security policies and logging of command input and output.  There are a number of root access control packages out there, both Open Source and commercial.  The plugin support makes it possible for users accustomed to using sudo to continue using it even if they want/need to use different security policy for root access.  All that is required is a plugin that can assess the security policy and determine whether the user is allowed to run the command.

Personally, I am going to be very interested to see how long it takes companies and Quest competitors to jump on this band wagon and offer plugins...

No comments: