Is this list high volume

Matthew Carpenter matt at eisgr.com
Thu Feb 4 09:54:30 PST 2016 

Actually, as a security professional, I've found it very helpful in many cases.  
First of all, the rest of the code is being written such that it has to support sudo or some gui-equiv (gui apps, X, etc).  Being able to maintain a separation of root password from users with sudo access is also helpful.  sudo allows me to provide some capabilities without granting root to anyone needing to do specialized things.  
btw, you can still use root.  :)  just set a password for root and ssh in.  If you want a GUI for root, enable root as a GUI login identity.  If you're in an environment large enough that more than just you need access to the root account, good luck.  Accountability and logging are key.

But that's my soap-box.  I don't have a problem with sudo being the new root.  I've found that not allowing root logins has been a significant value against attacks.  Not that I can keep 0-days from pwning my machine, but I can make the cost of gaining root on them that much greater... and have more likelihood of identifying the compromise, if I'm looking.

$0x02,
Matt
-- 


On Thursday, February 04, 2016 12:39:44 PM Leon Goldstein via Linux-users wrote:
> Wow!  Great to hear from you again, David.  BTW I still have my copy of 
> /Using Caldera Open Linux/ you coauthored.
> 
> Is it just me, or does anyone else find having to use sudo, instead of 
> logging in as root user, a PITA?
> 
> 
> On 02/04/2016 12:29 PM, David A. Bandel via Linux-users wrote:
> > /me waves
> >
> > Still lurking.  $DAYJOB is running a university CS department servers 
> > and Linux workstations, and physics, math, civil engineering 
> > department servers as well -- never a dull moment.  RHEL7, Ubuntu, 
> > Scientific Linux, Mint, more.
> >
> > David-
> >
> > On Mon, Feb 1, 2016 at 3:58 PM, John C. Voigt via Linux-users 
> > <linux-users at linux-sxs.org <mailto:linux-users at linux-sxs.org>> wrote:
> >
> >     On 02/01/2016 03:13 AM, James McDonald via Linux-users wrote:
> >
> >     > Hi All,
> >
> >     <snip>
> >
> >     > Just kidding. I remember when I joined around '99 it was rather
> >     busy. Now
> >     > I'm not sure if we see a mail every 6 months.
> >
> >     Been along for the ride since the Caldera days. The list, in it's
> >     various incarnations has always has been a good source for quality
> >     information from very knowledgeable people.
> >
> >     > Anywho. Hi to all the lurkers!
> >
> >     /me ;-)
> >
> >     > PS. Running CentOS on web. Latest Fedora and Ubuntu in VMWare
> >     Fusion and a
> >     > MacBook Pro as my computing metal
> >
> >     Opensuse here mostly, but checking out a few other distros from
> >     time to
> >     time. Don't like the systemd stuff much, but I guess it's what is now.
> >
> >     > PPS. Discovered docker love it and hate it at the same time.
> >
> >     Not delved there yet, looks interesting though.
> >
> >     L8R,
> >
> >     JV
> >     --
> >     _/- John Voigt - K9GBO - Registered Linux User #38558
> >     _/- System Administrator - Valley Technology
> >     _/- jcvoigt at gmail.com <mailto:jcvoigt at gmail.com> - Terre Haute, IN
> >
> >     Experience varies directly with equipment ruined.
> >     _______________________________________________
> >     Linux-users mailing list
> >     Linux-users at linux-sxs.org <mailto:Linux-users at linux-sxs.org>
> >     http://mailman.celestial.com/mailman/listinfo/linux-users
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > Linux-users mailing list
> > Linux-users at linux-sxs.org
> > http://mailman.celestial.com/mailman/listinfo/linux-users
> 

>

More information about the Linux-users mailing list