[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
I'm with Brad here. The valuable stuff (your data) is protected by the password. The sudo is largely protecting stuff of low value you simply don't want modified without consent (e.g. A Malware barrier). Nothing root can access is more valuable than your data on a single user machine. With a single user machine all you do with extra password for root is make it slightly harder for an attacker to persist silently, your data is already compromised. That said I would consider encrypting the whole disk (assuming it has any valuable data, e.g. email credentials) and then (if I was keen) persuade the window manager to just log me in without a further password. Then you have encryption password to log in, and user password for sudo operations. Consider also a boot password. Depending on hardware you may be able to combine encryption and boot password, and keep the encryption key in hardware protected by the boot password. Of course the deeper the hole you bury your data in the more important good backups become. You lose the key to an encrypted disk your data is toast. -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq