Re: Is this why you shouldn't log in as root?
Ron Johnson wrote:
On Tue, 2003-04-29 at 10:31, Vineet Kumar wrote:
* Ron Johnson (email@example.com) [030428 23:35]:
On Mon, 2003-04-28 at 17:13, Jon Wood wrote:
On Mon, 2003-04-28 at 23:04, Ron Johnson wrote:
On Mon, 2003-04-28 at 12:28, Don Werve wrote:
On Mon, Apr 28, 2003 at 01:03:03PM -0400, alex wrote:
At the console, I log into root on occasion for things like upgrading
the NVIDIA driver, restarting X after upgrading XFree, etc, and am not
afraid of it.
<yoda>You will be. You will be.... <snicker mood="foreboding"/></yoda>
Why? What's the diffie between that and logging in as <user> and
then doing "su -"? It's not like I live logged in to root...
Personally, I am constantly logged in as root on vt3 and almost never
use 'su'. I think it was someone on this list that made me irrationally
paranoid that someone[somehow[remember I freely admit that it is an
irrational fear]] will run a keystroke logger on my X session and pick
up my root password if I use su. And if I were able to use sudo to do
the kind of things that I use root for, than so can an attacker.[it
scares me to think of how many computers: sudo 'echo "Yes, do as I say!"
| apt-get remove --purge libc6' : would work with and even without a
normal user password].