Q as to Root v other login
John Summerfield
debian at herakles.homelinux.org
Mon Nov 29 02:33:01 UTC 2004
On Monday 29 November 2004 09:31, Ed Wilts wrote:
> $ su -
> and enter the root password. Log out of root as soon as you're done.
I think the idea of su is bad.
The default setup with Ubuntu linux is root's account is disabled and has no
password.
Instead, one creates a user account and sudo is configured to allow this user
to run any command and they verify their permission _with their own
password._
There are people trying to get access to *x boxes by attempting ssh logins
usin a small list of possible account names (root, admin and guest amongst
them) in combination with some list of passwords.
Surprisingly, ewilts is not in the list of accounts they use, so security is
already better:-)
So the default setup is that after installation I can perform all
administrative actions using the sudo command and _my_ password.
My wife and daughter both use my computer and bot need to be able to do some
administration; we'll say enable Internet access.
I can permit them to use these two commands _and no others:_
/sbin/ifup Westnet
/sbin/ifdown Westnet
They have to produce their own passwords, not mine.
My imaginary son who has a known liking for illicit content has no such
privilege.
sudo is part of fc and can be configured the same way, but in Ubuntu Linux
Gnome also is configured to use sudo and not su.
--
Cheers
John
More information about the fedora-list
mailing list