LinuxQuestions.org
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   How to create a user in linux with admin rights. (https://www.linuxquestions.org/questions/linux-general-1/how-to-create-a-user-in-linux-with-admin-rights-909110/)

TobiSGD 10-24-2011 04:41 PM
Quote:
Originally Posted by jefro (Post 4506965)
Linux best practices are not nonsense. You can do what you want but anytime a user is logged on a su there is a chance of malware or other attacks even if you don't believe in it.
So you mean when I launch a terminal, su to root and update my Slackware -current with slackpkg, edit some configuration files or generate a new initrd there is a chance of malware or other attacks? How? Would you please explain that to me?

jefro 10-24-2011 10:17 PM
There are plenty of web pages on this topic. It is not new. Any search for sudo versus su or such would provide reasons for this as a best practice.

Sure you will get a lot of kooks that don't belive a root user could be hacked and that the only reason for sudo is to prevent fat fingering commands.

Your system will only be as secure as the level and amount of best practices you use.

TobiSGD 10-24-2011 10:50 PM
Still you delivered no answer. This is not a su/sudo thing, you simply said that using su is insecure and not a good practice, but are lacking to give any evidence for that.

jefro 10-25-2011 04:27 PM
You are trying to get me to make you believe. I feel you would be better served looking at web pages or books that use the su versus sudo arguments. I doubt you'd believe them.

This isn't a new topic either. The subject has been warmed over for maybe 10 years or more.

unSpawn 10-25-2011 05:50 PM
Quote:
Originally Posted by SharpyWarpy (Post 4506134)
I have a single user system and I've been running with root privileges since 2002.
Good for you! Except you shouldn't mistake the fact that you do for something to advertise or even a security best practice.


...back to the main topic if you please. Malware may not be the reason to prefer Sudo over su but as John VV already said, this being the most important reason for preferring Sudo over su, 0) su requires you to share the root password which you shouldn't want on a multi-user system. Also people tend to forget 1) root is the administrative account and not something regular users should access for tasks other than systems administration. (And the OP never posted back any reason other than ""give access on whole file system" so this might be another case of doing the right thing the wrong way.) Finally, using Sudo for specific tasks 2) limits risks (unless you're stupid enough to allow "Cmnd_Alias rm = /bin/rm *" or equivalent badness, that is).

fukawi1 10-26-2011 12:16 AM
Quote:
I feel you would be better served looking at web pages or books that use the su versus sudo arguments.
Could you please post a link to a relevant site? As i have tried a number of different searches and have been unable to find any relating to increased vulnerability to malware/attacks by being logged in as root.


All times are GMT -5. The time now is 10:54 AM.
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page