Find the answer to your Linux question:
Results 1 to 3 of 3
Hello there, I'm about to set up a home broadband connection (and believe me this is long overdue!) I've been thinking about security a lot, and I've hardened my system ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Guru fingal's Avatar
    Join Date
    Jul 2003
    Location
    Birmingham - UK
    Posts
    1,539

    Using sudo - best practice


    Hello there,

    I'm about to set up a home broadband connection (and believe me this is long overdue!) I've been thinking about security a lot, and I've hardened my system using Bastille, and I've been testing my passwords out using a neat little programme called 'John the Ripper'.

    A lot of people in here have talked about using sudo instead of root for carrying out system admin tasks. My machine is just one desktop box, which will just be a straight broadband internet workhorse.

    If I delegate all of root's privileges to one user (me) isn't this more of a security risk? After all, if someone got hold of my user password they could sudo my files away!!?

    Would it be better to:
    - just not use sudo
    - only delegate a few root commands to it (but which ones?)
    - not worry about this

    I've searched for an answer to this question, but I'm not happy with what I found so far, so all help appreciated.
    I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso

  2. #2
    Linux User
    Join Date
    Jan 2005
    Location
    Florida
    Posts
    414
    If you are going to be carrying out a particular task, or tasks, that need root privileges on a regular basis, say mounting a drive, you should add that privilege to your regular user account. If on the other hand you don't use anything needing root access regularly you should just forgo sudo and use su when you need to perform administrative. It is a bad idea to give a regular user account total root privileges.
    registered linux user: 387197

  3. #3
    Linux Guru fingal's Avatar
    Join Date
    Jul 2003
    Location
    Birmingham - UK
    Posts
    1,539
    Thanks for your answer! I'll do as you advise
    I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •