[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Root sending messages to users

2008/6/26 s. keeling <keeling@nucleus.com>:
> Trying to think coherently, ...  [How's the weather/shrapnel?  :-P]
>

Hehe, they're both getting hotter.

> Think scenarios.  What's the screen door on a house good for?  It'll
> keep out a not too determined paperboy.  They also piss off burglars
> because they're noisy to deal with.  Many new homes don't bother with
> screen doors.
>

I thought that screen doors were meant for keeping out insects. In
computer terms, that would be unwanted visitors who just happen by,
not those determined to enter.

> That scenario shows opportunities for baddies ranging from paperboys
> through to determined burglars (and worse).  That's a lot of
> territory, and that's just one port into your house.
>

At home, I leave the door wide open and only the screen door protects
us. The insects stay out. However, we do not have the petty crime
problems that I am aware that some areas have. The Internet _does_
have a petty crime problem, I know.

> Think about it, and you'll see it's much better to:
>
>   - login your box.
>
>   - ssh-add your key.
>
>   - ssh somebox (anybox)
>
>   somebox ~Dotan_ % su -c 'aptitude update && aptitude upgrade'
>   Password:
>
> Alternatively, one day you may find that your nephew/neice, who you've
> invited in and told about Linux, has cracked root and blown away your
> wife's documents.  How's your backup situation?  What are you going to
> say to her?  You're that machine's god.  It and they need you to do
> the right thing if it's going to continue being useful.
>

I do not think that they can crack root without my 8 character
upper/lower/number password. Can they? How would having my own account
help?

As for the backup situation, it is excellent. I back up /home to an
encrypted tar file once a month, and put it on a separate drive on the
same computer. My laptop backups go there as well. Occasionally, I
copy recent tar backups to a spare hard drive that I leave at the
mother in law's. I am fanatical about backups, and test them about
twice a year (when I reinstall the OS).

> Worst case, one day you find out you're apparently part of a botnet
> and have been unwittingly contributing to the spam/malware problem.
> There've been Linux based botnets.
>

Again, how would having my own account, as opposed to sshing as the wife, help?

> You certainly don't have to, but you certainly should.
>

I simply fail to see the benefit.

Dotan Cohen

http://what-is-what.com
http://gibberish.co.il
א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
Reply to: