LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-03-2012, 06:04 AM   #16
cynwulf
Senior Member
 
Registered: Apr 2005
Location: The Black Country, UK
Posts: 1,742
Blog Entries: 1

Rep: Reputation: 774Reputation: 774Reputation: 774Reputation: 774Reputation: 774Reputation: 774Reputation: 774

Quote:
Originally Posted by acid_kewpie View Post
don't be so patronising. It doesn't make you look good.
But can you see the irony there, I wonder...? ()

Sadly I expect you can't and that's half the problem...

In fact you've now "gone off on tangent" and transformed this into a puerile "sudo vs su" debate. The original argument was about this:
Quote:
Originally Posted by acid_kewpie View Post
Regardless of it being possible, you should NOT set one.
Followed by:
Quote:
Originally Posted by acid_kewpie View Post
Too much information can be a dangerous thing.
So in other words people should not set the root password because you said so - and you say so because "buntu said so" and you share those opinions? You obviously do not feel the need to explain yourself and the insinuation is that the reader should simply accept your written word as being one of the "ten commandments of GNU/Linux" and just "do it your way".

I was under the impression that this site was for the passing on of information with regard to GNU/Linux. I was also unaware that the "buntu way" as it is enforced at buntuforums is also now being pushed here. I was certainly not aware of there being an issue of "too much information"?


Last edited by cynwulf; 02-03-2012 at 06:05 AM.
 
Old 02-03-2012, 06:12 AM   #17
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
Quote:
Originally Posted by caravel View Post
So in other words people should not set the root password because you said so - and you say so because "buntu said so" and you share those opinions? You obviously do not feel the need to explain yourself and the insinuation is that the reader should simply accept your written word as being one of the "ten commandments of GNU/Linux" and just "do it your way".

I was under the impression that this site was for the passing on of information with regard to GNU/Linux. I was also unaware that the "buntu way" as it is enforced at buntuforums is also now being pushed here. I was certainly not aware of there being an issue of "too much information"?
Having been here for more than a decade, one of the main things I've learnt, and tried to take on board, not always successfully, is that the majority of members posting want to achieve an end result, and fix their problem. They ask inappropriate questions fairly often, and so it's a case of trying to understand the problem they want to fix instead of just answering their questions which often will either not help them actually achieve what they want or potentially lead them down dead ends as they jump to conclusions, through no fault of their own, that will not assist them in getting where they want to get. So whilst you seem to be trying to set me up to deny I ever said that, yes there is absolutely a risk of too much information, and it happens very frequently here from people not taking enough time to understand the objectives of the OP.

I had to have a car scrapped last year, as there was something wrong with the cam shaft or piston heads, causing metal deposits in the oil and blowing up the turbo. I wanted to have a functional car agaian so I was asking how to fix the engine. What work needs to be done? Would I need to buy a new engine? How much would that be? The garage, not being money grabbing goons, said, well... it's not worth fixing really, you'd be better off getting a new car. And that's what I ended up doing, and know my new car is great. Were they doing the wrong thing by not fixing / patching up my old car? Of course not. They could have gone too far in the wrong direction, really shafted me, and given me the equivalent of too much information, in the form of too many expensive invoices.

Often just the need to ask a question proves they probably should not be asking the question in the first place. How many people who come here and ask "How do I compile a kernel"? should actually do it? Such a broad question suggests that they don't really understand the implications of compiling their own kernel, configuring it etc. There's nearly always a reason that they ended up thinking that they need to when in reality they almost certainly don't. There are plenty of situations where you DO need to compile your own but if you are in that situation, you are hardly likely to be the kind of person who needs to ask such a question in the first place.

Last edited by acid_kewpie; 02-03-2012 at 06:23 AM.
 
Old 02-05-2012, 08:25 PM   #18
mreff555
Member
 
Registered: Sep 2011
Location: Philly
Distribution: Gentoo
Posts: 470

Rep: Reputation: Disabled
I'm sorry, but you can argue the security either way. If a potential hacker has direct access to a console then yes. It definitely makes sense to ask users to strictly use sudo. Like I said before, in most situations, sudo is just fine. However there does exist situations where it is more convenient to know root. As long as it is used responsibly I would argue that is is just as secure, if not more. More importantly, su's use has not been depreciated, and it's really up to the user.
 
Old 02-05-2012, 08:31 PM   #19
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
Well it's really up to the security policy department in my experience. The users seldom have a say in it inthe secure environments I work in.

If you are just doing tin pot stuff then the security mechanism is largely irrelevant.
 
Old 02-05-2012, 08:47 PM   #20
mreff555
Member
 
Registered: Sep 2011
Location: Philly
Distribution: Gentoo
Posts: 470

Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
Well it's really up to the security policy department in my experience. The users seldom have a say in it inthe secure environments I work in.

If you are just doing tin pot stuff then the security mechanism is largely irrelevant.
I think you are once again, failing to see the point. We are not talking about an 500 user enterprise system. We are talking about a single user desktop pc.

Yes you are right, in a large commercial system, the security policy department would regulate security policy.

Analogously, you probably have to badge in to get to your office. I imagine you don't follow the same procedure at home.

Mreff

P.S. Why would a large multi-user platform run ubuntu anyway?
 
Old 02-05-2012, 08:58 PM   #21
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
I sign out my own laptop in triplicate.

My experiences are from using RHEL with complex root passwords. No Ubuntu but a near identical model.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Privilege Escalation - Getting 'root' privilege Rahil Parikh Linux - Security 2 12-02-2010 02:04 AM
root privilege nagavinodh Linux - Newbie 14 11-16-2009 01:02 PM
Identifying non-administrators w/ root privilege/ Multiple root account in use wjeanpaul Linux - Security 4 05-19-2006 09:55 PM
Insufficient Privilege instead of Root Password Request buckberger Linux - Security 3 12-25-2004 09:00 PM
How to get root privilege in program using c? whepin Programming 1 04-06-2002 06:27 AM


All times are GMT -5. The time now is 12:52 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration