Another reason to prefer a real root over sudo

Res res at ausics.net
Wed Feb 4 23:09:57 UTC 2009 

On Wed, 4 Feb 2009, Dave Woyciesjes wrote:

> Res wrote:
>> youve contradicted yourself
>> unless you assume users login *only* as root which is dumb, but its no
>> worse then having already sudo'd . in fact by default su or root login to
>> do whatever then logging out is safer, yes i ve said it all before.
>> oh i will ignore the usual debian weenors who get on their boxes with the
>> debian propoganda about sudo, i bet you lamers have a nightly prayer than
>> goes like:
>>
>> dear <inser your god>
>> thank for the food we are about to eat
>> thank for the sudo we have wet dreams over
>> ...
>>
>>
>>
>> look people, just ignore the people who want to force THEIR preferences
>> and propoganda down your throat, use what you think is best.
>> personnally, I:
>>
>> sudo passwd root
>> <give root a password>
>>
>> then su/login whenever you want
>> amd never use sudo again, much safer (by default)
>>
>> But I do agree with the weenors when it comes to not allowing remote root,
>> unless its a very secure lan.
>>
>> all flames sent to /dev/null
>>
>>
>>
>
> 	In other words, it's all about personal choice. You can go ahead and
> shoot yourself in the foot, if you like. I choose not to.

no, you cant make that assumption, because to do so, says your favouring 
sudo, which for reasons stated before may not be everybody case,

in fact someone recently said sometrhing that made a better argument, I'll 
borrown on their glory and do an ABC since some of you still have your 
pathetic rose coloured glasses on :)



-I have 2 logins on this box, res and root
-res cant sudo, nobody can.
-root has a separate very long and hard password
-I allow res external ssh access
-i dissalow root external access

scenario one:

someone cracks res's password, they have my pass so they use sudo and 
fuck me over rm -rf /  bye bye system

scenario two:
someone cracks res's password, they have my pass, sudo and get nowhere, 
oh well they can rm -rf everthing "res" owns *BUT* my system is perfenctly 
sane and safe because they dont have the ability to delete anything else, 
sure, once in they can run stuff to try crack root, but im betting they 
will take years to do so with the pass's I use on root a/c's


So, whilst your busy, crying yourself in your drink and reinstalling and 
trying to find copies of some important data,  I'm shrugging my shoulders 
and deleting res and re adding res, changing its pass and installing last 
nights /home/res and going back to watch tele, some 3 minutes later.


> 	"Opinions are like assholes. Everybody has one, and most of them stink"
> - Unkonwn


Yes and some are very dangerous and unthoughout opinions as well.



-- 
Res

"All we need, is just a little patience"  -- William Bruce (Axl) Rose

More information about the ubuntu-users mailing list