Ron Johnson wrote:
On Tue, 2003-04-29 at 10:31, Vineet Kumar wrote:* Ron Johnson (ron.l.johnson@cox.net) [030428 23:35]:On Mon, 2003-04-28 at 17:13, Jon Wood wrote:On Mon, 2003-04-28 at 23:04, Ron Johnson wrote:On Mon, 2003-04-28 at 12:28, Don Werve wrote:On Mon, Apr 28, 2003 at 01:03:03PM -0400, alex wrote:[snip][snip]At the console, I log into root on occasion for things like upgrading the NVIDIA driver, restarting X after upgrading XFree, etc, and am not afraid of it.<yoda>You will be. You will be.... <snicker mood="foreboding"/></yoda>Why? What's the diffie between that and logging in as <user> and then doing "su -"? It's not like I live logged in to root...
Personally, I am constantly logged in as root on vt3 and almost never use 'su'. I think it was someone on this list that made me irrationally paranoid that someone[somehow[remember I freely admit that it is an irrational fear]] will run a keystroke logger on my X session and pick up my root password if I use su. And if I were able to use sudo to do the kind of things that I use root for, than so can an attacker.[it scares me to think of how many computers: sudo 'echo "Yes, do as I say!" | apt-get remove --purge libc6' : would work with and even without a normal user password].