D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Security Thoughts

 
On Thu, 30 Mar 2017 18:26:42 +0100
"M. J. Everitt via list" <list@xxxxxxxxxxxxx> wrote:

Hello M.,

>(for gnome-based apps). You don't use 'sudo' if there's a root password
>set, you can just use 'su' (instead of prompting for the user password,
>you enter the root password). You may wish to check/change your

I know it's academic on a single user system, but there are sound
reasons for offering only sudo rather than allowing su:

First, passing around the root password isn't required.
Second, sudo actions are logged so sysadmin knows who tried to do what
and when (you mentioned this, I know).

Makes it a hell of a lot easier to point the finger of blame.   :-)

-- 
 Regards  _
         / )           "The blindingly obvious is
        / _)rad        never immediately apparent"
You destroyed my confidence, you broke my nerve
Nervous Wreck - Radio Stars

Attachment: pgpBGx7PscyWk.pgp
Description: OpenPGP digital signature

-- 
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq