
RE: Sudo and other root-based security issues



Actually, how a cracker will typically try to get in is by exploiting
security holes in daemons that listen to network ports.  These programs
USUALLY run as root.  Logging in as root presents little-to-no
additional risk.  If your system security is weak, logging in as root
won't cause much additional risk.  If it's strong, you generally worry.

That said, if you are going to bring your machine on-line,
it would be worth your while to check into the Debian site every few days
to check for security advisories.

You also want to read the security howto, the ipchains howto, and look into
tripwire.

The real reason use of the root account is discouraged is that one poorly
typed command can really screw up your system.  For example, try this:

ls a*

Now try:

ls a *

One misplaced space makes a world of difference.  Glad that wasn't "rm"
instead of "ls"?

Bryan


On 19-Oct-99 David J. Kanter wrote:
> From what I've read, I'm relatively petrified to use my root account unless
> absolutely necessary, like configuring X or setting up my MTA. (There are
> only two users here, me and root.)
> 
> But since some commands require root access, and it's a pain to su root all
> the time, how secure is it to run sudo on something like wvdial or slrnpull?
> 
> I'm generally under the impression that once logged on as root and on-line
> with the Internet, anyone can crack into my system. This has got to be
> wrong, right?
> 
> Thanks.
> -- 
> David J. Kanter
> djkanter@nwu.edu
> Debian 2.1 
> 
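
The difference between `ls a*` and `ls a *` in the message above, as an added example that is not part of the original e-mail: it prints the argument list a command actually receives once the shell has expanded each spelling. The helper name `show_args` and the file names are constructed for the illustration, and everything happens in a throwaway directory.

```shell
#!/bin/sh
# Added example; all file names are constructed sample data.

# show_args (hypothetical helper): print the argument count, then the
# arguments, exactly as a command would receive them after the shell
# has done word splitting and glob expansion.
show_args() {
    printf '%d:' "$#"
    printf ' %s' "$@"
    printf '\n'
}

# run_demo: build a scratch directory, expand both spellings, clean up.
run_demo() {
    scratch=$(mktemp -d) || return 1
    (
        cd "$scratch" || exit 1
        touch apple avocado banana cherry
        show_args a*     # one pattern: names beginning with "a"
        show_args a *    # two words: literal "a", then "*" = every file
    )
    status=$?
    rm -rf -- "$scratch"
    return "$status"
}

run_demo
```

Putting `echo` in front of a wildcard command gives the same preview of what it would act on before anything is removed.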

