Help to get started
Nils Kassube
kassube at gmx.net
Fri Nov 12 15:26:37 UTC 2010
Reinhold Rumberger wrote:
> On Tuesday 02 November 2010, Nils Kassube wrote:
> > shawn wilson wrote:
> > > However, if ctrl+alt+f1 works and you can login there, do:
> > > sudo passwd # set root password
> >
> > Why? Usually there is no real benefit if you set a root password.
>
> There is. I once pulled a little stunt where a friend of mine went to
> the toilet and I quickly rebooted his machine into rescue mode and
> used that to set a root password and create a backdoor account.
Who needs enemies with friends like you ...
> It
> was all in good fun, and after creating a couple of funny effects, I
> showed him what I did, so in the end there was no harm done.
> But the fact remains that, should anybody but you have physical
> access to the machine, you had better set a root password or risk
> having your system compromised *really* quickly and easily.
>
> Obviously, if no one who knows anything about Linux is ever going to
> be around the machine, the point is moot, but if you own a laptop or
> have geek friends over, you had better see to it that your computer
> is properly protected. And a root password is really the least that
> absolutely needs to be set. (Ideally, you also need a boot password
> for your grub and a BIOS password and you hard drive needs to be
> first in the boot order. But exploiting a lack of those will mostly
> take longer than exploiting a missing root password...)
IMHO, if your "protection" merely makes it slightly more difficult to
attack the machine, it is only security theatre but no real security. If
you want to protect your machine from your geek "friends" or other
determined attackers, an encrypted file system might help.
> > If you need a root shell, you can use e.g.
> >
> > sudo su
> >
> > instead.
>
> I prefer "sudo su -" as that will set a proper root environment and
> not leave stuff like $HOME pointing to your home directory, mucking
> up permissions on settings files.
Sorry, I don't see your point - "sudo su" sets $HOME to /root which is
the proper value for a root shell.
Nils
More information about the kubuntu-users
mailing list