<div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-size:large"><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Feb 16, 2019 at 1:55 PM Jim Stockford <<a href="mailto:jim.stockford@gmail.com">jim.stockford@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div><div><br></div>Using sudo for root-privileged actions promotes tracking <br></div>of who did what when, which su - does not so easily: <br></div>correct? incorrect? <br></div></blockquote><div><span class="gmail_default" style="font-size:large">Yes, a bureaucratic function used to assign blame when multiple people have root priv (assuming no active measures to obfuscate logs).</span></div><div><span class="gmail_default" style="font-size:large">Maybe not so useful if there is only one person with root. ;^D</span></div><div><span class="gmail_default" style="font-size:large">Ken<br></span></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Feb 16, 2019 at 10:56 AM Rick Moen <<a href="mailto:rick@linuxmafia.com" target="_blank">rick@linuxmafia.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Quoting Akkana Peck (<a href="mailto:akkana@shallowsky.com" target="_blank">akkana@shallowsky.com</a>):<br>
<br>
> You make an excellent point. I'd just been taking this "allowing<br>
> ssh as root is horribly dangerous" gospel without examining it.<br>
<br>
And, if you think about it, the way Ubuntu and similar distributions use <br>
sudo is pretty questionable from a security standpoint, too: It<br>
conditions the user to think of root privilege as just a bureaucratic<br>
detail with a command prefix, and not even requiring a separate<br>
password. IMO, it makes root mishaps _more_ likely, not less.<br>
<br>
There are other ways to use sudo, e.g., making escalating to system<br>
privilege require a separate, root-specific password rather than just<br>
using the admin user's regular password. (Aside from that, the BSD<br>
practice of restricting even the ability to escalate privilege to<br>
members of a 'wheel' group has a lot of merit, and can be implemented on<br>
Linux with a little PAM adjustment.)<br>
<br>
Personally, I prefer the old-school conceptual model, where root is just<br>
a dramatically different user reached by doing 'su -', whereupon the<br>
shell prompt changes from '$' to '#', to remind you that you are now<br>
playing with fire, need to watch your step, and should probably exit<br>
that subshell and drop root privilege as soon as possible. My friend<br>
Richard Couture, who owned and ran the famous CoffeeNet Linux-based<br>
Internet cafe in South of Market, SF, used to further underline that<br>
point by causing all root-user xterm windows to have a red background.<br>
<br>
Works for Me.[tm]<br>
<br>
<br>
> Oh, yes, I certainly agree with that -- which is why I don't run<br>
> any of those defaults. <br>
<br>
(Reminds me, aka please pardon the slight change of subject:) It's easy<br>
to forget, when you're a software nerd, that, by and large, when you<br>
talk to the general public and diligently detail for them how they<br>
should customise their software, that they're going to nod and listen<br>
and sound receptive -- but then do _absolutely nothing_.<br>
<br>
This was a lesson computer nerds learned only slowly after the Great<br>
Unwashed discovered the Internet, and especially after the Year of<br>
Endless September (<a href="https://en.wikipedia.org/wiki/Eternal_September" rel="noreferrer" target="_blank">https://en.wikipedia.org/wiki/Eternal_September</a>),<br>
1993, when AOL opened its Internet gateway. You can still find all<br>
manner of nerd-written, optimistic FAQs where we of the computerist<br>
community patiently and concisely explained how to do interleaved<br>
quoting, how and why to trim quotations, why HTML and binary attachments<br>
have no place on Usenet and mailing lists, and so on. <br>
<br>
All of that documentation and assiduous help had approximately zero<br>
effect, because the experts giving that assistance simply couldn't<br>
conceive of _never touching the defaults_ -- yet, that's how Joe and<br>
Jane Sixpack do their computing. Every. Time.<br>
<br>
Except, of course, when they get social-engineered into downloading and<br>
installing (mailware) 'toolbars' into their Web browsers and such.<br>
<br>
<br>
[apulse:]<br>
<br>
> THANK YOU! What a wonderful option, which I will definitely try.<br>
<br>
You're very welcome. I hope it does the trick.<br>
<br>
<br>
_______________________________________________<br>
sf-lug mailing list<br>
<a href="mailto:sf-lug@linuxmafia.com" target="_blank">sf-lug@linuxmafia.com</a><br>
<a href="http://linuxmafia.com/mailman/listinfo/sf-lug" rel="noreferrer" target="_blank">http://linuxmafia.com/mailman/listinfo/sf-lug</a><br>
SF-LUG is at <a href="http://www.sf-lug.org/" rel="noreferrer" target="_blank">http://www.sf-lug.org/</a> <br>
</blockquote></div>
_______________________________________________<br>
sf-lug mailing list<br>
<a href="mailto:sf-lug@linuxmafia.com" target="_blank">sf-lug@linuxmafia.com</a><br>
<a href="http://linuxmafia.com/mailman/listinfo/sf-lug" rel="noreferrer" target="_blank">http://linuxmafia.com/mailman/listinfo/sf-lug</a><br>
SF-LUG is at <a href="http://www.sf-lug.org/" rel="noreferrer" target="_blank">http://www.sf-lug.org/</a> </blockquote></div></div>