[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Sudo and other root-based security issues

David J. Kanter writes:
> But since some commands require root access, and it's a pain to su root
> all the time, how secure is it to run sudo on something like wvdial or
> slrnpull?

wvdial should not require root if your user is in group dip (wvdial may
also require 'dialout': pon does not).  I've never used slrnpull, but I'd
be surprised if it cannot be run as news.

> I'm generally under the impression that once logged on as root and
> on-line with the Internet, anyone can crack into my system. This has got
> to be wrong, right?

Right.  The cracker would rather you were not logged in at all.
John Hasler                This posting is in the public domain.
john@dhh.gt.org            Do with it what you will.
Dancing Horse Hill         Make money from it if you can; I don't mind.
Elmwood, Wisconsin         Do not send email advertisements to this address.

Reply to: