Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I dont know enough to understand what all that meant. Are they saying that using a firewall for each user is better or worse, is there a safe way to have firestarter startup on its own without giving the root password? I dont understand?
well more or less linux is about security, and things such as a firewall should be only be ran as root, where you shouldn't be running firewall based apps as normal user, nor should you be able to edit the firewall configuration as a normal user (i.e. iptables)
and in the thread i gave you acid_kewpie went on to say that he can read up on sudo to allow a normal user to run something that requires root privledges...and he states "man sudo" to be typed in the terminal to get more information about sudo, and also there is your wonderful friend google that can give you even more informatoin.
Basically yes because that's the only safe way. You only want someone who knows the root password to be able to change the firewall's security settings. You can grant specific users the ability to not have to type in the password, but what if someone exploits your account, and then finds automatic root access to the system's firewall? Bad things is what...
If you configure firestarter, as root, and then exit, you are done. If you tell it you use DCHP, it will set itself up correctly. If you tell it to start the firewall automatically on ppp connect, it will write it's IP tables on connect, and you don't have to start it as root. i.e. configure it, and forget it. It puts the right stuff in runlevel 3 and 5 so that no matter how you boot up, it is armed. A regular user doesn't need to access it, and as a matter of fact, you can't even setuid it, it tells X on you and X blocks the ability to start GLCore libraries as setuid. Pretty cool extra I think.
Root, me, configured firestarter, and the rules apply to all users on the system. They never have to even think about it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
