Mailinglist Archive: opensuse-security (231 mails)
| < Previous | Next > |
Re: [suse-security] root
- From: Jeff <phaedrus@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 10 Aug 1999 13:05:44 -0700
- Message-id: <19990810130544.A2237@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
On Tue, Aug 10, 1999 at 12:16:19PM +0200, Mark Lutz wrote:
> * Jeff <phaedrus@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> writes:
> > This is the biggest reason. If you absolutely need to do something
> > as root, is it so hard to switch to a different virtual terminal and
> > log in? Or just use su, or pop up a new xterm, and su there, or
> > whatever. It is two seconds, and you don't have to worry about what
> > you might do to your system when you are just using your computer.
>
> You forgot to mention "sudo" (Serie "ap"). "man visudo", "man sudoers",
> "man sudo". Really hardly any need to use root.
ery good point. Thank you for bringing it up. For our original poster, sudo is a program that allows you to run certain programs as root from another account. You can configure it yourself, you can set it up so that you don't have to login as root to shutdown the system, and other stuff like that (a handy use is to allow you access to pppd and scripts as a normal user, so you wouldn't have to connect to your ISP as root, but I think this problem has been fixed by kppp and other such utilities...).
I do believe that there is another package called "super" that does essentially the same thing, but is apparently easier to use and configure.
I also saw some stuff about dorking up recursive commands (commands that traverse multiple directories) and commands with regular expressions (*). I've done that before, I messed up the home directories of my friends computer... even his httpd directory (ouch, that was painful to fix).
There are somethings which you do need to log in as root to do, configuring your system, security patches, and other good stuff. So, while there is little need to use root, it occasionally comes up. Double check before you make serious changes as root, and make sure you know how to undo your damage. Look before you rm. Use an ls with the same arguement as rm, and see what pops up, or before a recursive chown, etc. Backup a config file before you manually edit it. Paranoia is your friend. That is my best advice for how to be careful.
Good luck, and have a lot of fun.
--
Jeff
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/M/>P d-(pu) s+:- a17>? C++(++++) L+++ UL++(+++)@>++++$ P+ E W++@ N+ o? K- w--- O? M V- PS+ PE(--)@ Y++@ PGP t+ 5 X++@ R++@ !tv@ b++ DI++++ D- G e- h! r++ y?
------END GEEK CODE BLOCK------
> * Jeff <phaedrus@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> writes:
> > This is the biggest reason. If you absolutely need to do something
> > as root, is it so hard to switch to a different virtual terminal and
> > log in? Or just use su, or pop up a new xterm, and su there, or
> > whatever. It is two seconds, and you don't have to worry about what
> > you might do to your system when you are just using your computer.
>
> You forgot to mention "sudo" (Serie "ap"). "man visudo", "man sudoers",
> "man sudo". Really hardly any need to use root.
ery good point. Thank you for bringing it up. For our original poster, sudo is a program that allows you to run certain programs as root from another account. You can configure it yourself, you can set it up so that you don't have to login as root to shutdown the system, and other stuff like that (a handy use is to allow you access to pppd and scripts as a normal user, so you wouldn't have to connect to your ISP as root, but I think this problem has been fixed by kppp and other such utilities...).
I do believe that there is another package called "super" that does essentially the same thing, but is apparently easier to use and configure.
I also saw some stuff about dorking up recursive commands (commands that traverse multiple directories) and commands with regular expressions (*). I've done that before, I messed up the home directories of my friends computer... even his httpd directory (ouch, that was painful to fix).
There are somethings which you do need to log in as root to do, configuring your system, security patches, and other good stuff. So, while there is little need to use root, it occasionally comes up. Double check before you make serious changes as root, and make sure you know how to undo your damage. Look before you rm. Use an ls with the same arguement as rm, and see what pops up, or before a recursive chown, etc. Backup a config file before you manually edit it. Paranoia is your friend. That is my best advice for how to be careful.
Good luck, and have a lot of fun.
--
Jeff
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/M/>P d-(pu) s+:- a17>? C++(++++) L+++ UL++(+++)@>++++$ P+ E W++@ N+ o? K- w--- O? M V- PS+ PE(--)@ Y++@ PGP t+ 5 X++@ R++@ !tv@ b++ DI++++ D- G e- h! r++ y?
------END GEEK CODE BLOCK------
| < Previous | Next > |