[Chester LUG] Security
Roger Gibson
rcgibson at talktalk.net
Wed May 21 19:59:17 UTC 2008
Roger Downing said the following on 21/05/2008 20:32:
> How would you change things? I'm with you in that it's better to become root
> with the correct password, but for ease of use it's good to only have to
> remember your login password plus have the benefit of cached credentials
> meaning frequent use of admin programs does not require repeated
> authentication.
What about the situation if (when) your system crashes, maybe a critical
disc error, and you attempt recovery with a live CD or whatever. Won't
you need to have remembered the root password to be effective. A ploy I
have adopted in the past is to set up a second (super)user with root
permissions, but with my full set of aliases, including safety things
like rm -i, and done all my root stuff there. Making it easy to become
root, allows the enemy within to creep up when you go for a coffee or
whatever. It might just be mischief making, but it can cause havoc.
There are enough easy ways to remember good root passwords. I'm a bit
long in the tooth, but I have been grateful for having done things properly.
Roger
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/chester/attachments/20080521/36c5a6b5/attachment.html>
More information about the Chester
mailing list