[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 31/08/11 08:30, Philip Hudson wrote:
I call that windowising - where you abrogate computer management to human stupidity. To use the old car analogy its a bit like disabling the brake because it slows people down. Its there for a damned good reason and if your users cant understand that take their driving license away.On 30 Aug, 2011, at 7:19 pm, taylorjoshu00@xxxxxxxxxxxxxx wrote:Thirdly disable root ssh logonYesand use the sudo command,Yes, but...therefore if you were comprimised your would limit the damage without allowing root password to be comprimised!The conclusion does _not_ follow from the premise. With sudo, your own password is effectively the root password. Not necessarily a conclusive reason not to use sudo; just be sure you understand what you are doing: enabling sudo for general admin by non-root user[s], not for limited special purposes as intended; why you are doing it: convenience (no small consideration); and the security risk trade-off: compromise your user account = compromise root.
Tom te tom te tom <snip> -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq