can't run gnome as root - addition - SOLVED

[Tony Arnold]

On 03/10/12 11:41, Avi Greenbury wrote:
> Patrick Asselman wrote:
>> As far as I'm aware, ssh does (by default) not allow root to login
>> anyway, so whether or not root is enabled on the box is irrelevant
>> to the ssh security. (If you have ever checked your ssh logs for an
>> online box, you will understand why this is disabled. (Of course a
>> closed port is much more secure)).
> 
> Root is only disabled as a side-effect of the user not having a
> password set; if you set a root password on a Ubuntu machine, root may
> log in.

You can also disable root login over ssh via the sshd_config file.

>> I've witnessed an (experienced!) unix user become very pale all of a
>> sudden. After confirming he didn't have some sort of stroke, it
>> turned out he had accidentally used an "rm *" and it took much
>> longer than expected... it turned out he was in a directory he
>> wasn't expecting to be in (i.e. / ). After that I became a convinced
>> user of sudo :-)
> 
> After a while, `sudo rm *` becomes just as likely to happen as `rm *`.

It is likely to prompt you for a password that may give some thiniing time.

You might also be able to prevent the rm command from being executed via
sudo!

> If you're routinely doing the sorts of things that if done wrong can
> break stuff, you're fairly likely to get them wrong and break things
> from time to time, even if you prepend every command with the same
> five characters. Sudo is, IMO, _much_ more about auditing and
> restricting who can do what as root than it is about somehow
> preventing rooty mistakes from users with the privilege to make them.

Nothing is fool proof.

Regards,
Tony.
-- 
Tony Arnold,                        Tel: +44 (0) 161 275 6093
Head of IT Security,                Fax: +44 (0) 705 344 3082
University of Manchester,           Mob: +44 (0) 773 330 0039
Manchester M13 9PL.                 Email: tony.arnold at manchester.ac.uk