Re: Sudo instead of SU
Joe Hart wrote the following on 21.04.2007 21:02:
<snip>
> Note that doing things with sudo the way Ubuntu does it is dangerous
> because if someone hacks into your computer (not likely if you have good
> security set up) or someone happens to come by your computer while sudo
> still keeps the password in memory, your giving full root access to said
> interloper. That's why you only have to type the password once for
> multiple sudo commands. (BTW, the timeout is adjustable)
I hit STRG+ALT+l everytime i leave the computer.
But that´s not only to prevent someone from being root on my box but also to
prevent misusing e.g. my mailaccount what can be as dangerous.
Security is more a matter of behavior then of technic imho.
That´s why pfishing so so successful these days.
> A much safer way is to use su -c "foo" and only issue the one command,
> but the quotes are needed, and that can become tiresome.
>
> But remember, it is your system and how you choose to use it is your
> decision. Just keep good security practices in mind and you're likely
> to enjoy happy computing a lot longer.
>
> Joe
bye Thilo
--
i am on Ubuntu 2.6 KDE
- some friend of mine
gpg key: 0x4A411E09
Reply to: