Bad Security Practices from Professor

CincinnatiKid · 08-11-2010, 11:37 AM

I am taking a computer forensics class right now at a large University. The class is really cool, but the professor constantly breaks a lot of cardinal rules. Here are some examples:

Logs into CentOS as root, then startx
Once running X as root he browses the web with Firefox
Loads Helix (distro based on Ubuntu with forensics tools) and immediately types "sudo bash" and does everything from this shell even though he does not need to be root
If he needs to run Nautilus, he just type nautilus from his shell that is running as root

Should I say something to him about this behavior or would this be rude?

b0uncer · 08-11-2010, 11:39 AM

Well the polite way would be to ask why it is that he's using root instead of an unprivileged user account. That way he can explain (defend) himself

Jeebizz · 08-11-2010, 09:03 PM

Sheer laziness I think. Either way, if something happens (he mistypes a command, and fscks the whole system up, its his own damn fault.)

I would be tempted to just sit back, and wait for the inevitable. Of course, I do perhaps have a mean sense of humor, but I don't care.

Sumguy · 08-12-2010, 12:55 AM

Maybe he's waiting to see if someone will correct him? I'd do it! Worst that could happen: You'd learn something. He'd give you an excuse or just admit he was lazy...or, he may give you a reward.

CincinnatiKid · 08-12-2010, 09:16 AM

Alright, on Tuesday (my next class) I will call him out. I will let you know what happens.

jaydot · 08-12-2010, 03:28 PM

this is one to watch.