Re: [ilugd] Linux Security: What it is ?
On 3/28/06, "आशीष शुक्ला \"Wah Java !!\"" <[EMAIL PROTECTED]> wrote: > And BTW, what are conventions for, if they're not fit in every situations, > that's why standards are there. > There are many, many things it's worth fighting for standardisation on. The username 'root' is such an ingrained Unix convention (yes, a convention, not a standard) that it really isn't one of them. I suggest you spend your headspace, your love of precision, and our mail-reading time on something more important. Even in the area of Linux security I have no doubt there are hundreds of more meaningful and genuine issues ... Cian ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] [ILUGD-Dev] Linux Security: What it is ?
On 3/26/06, "आशीष शुक्ला \"Wah Java !!\"" <[EMAIL PROTECTED]> wrote: > Since it is not precisely defined (if defined somewhere, I don't know) that > super user has to be defined as "root" in all UNIX systems, then why assume > presence of "root". > You are thinking too hard about this. It really doesn't matter. 'root' is a convention adopted by Unix systems since long ago. It is safe to assume the presence of root. If it's missing, the admin is doing something funny and should expect it to bite him and his users in the ass. Cian ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] [ILUGD-Dev] Linux Security: What it is ?
On 3/25/06, "आशीष शुक्ला \"Wah Java !!\"" <[EMAIL PROTECTED]> wrote: > Won't you consider it a bad programming practise. > No. There's always a 'root' user on a Unix system, unless someone goes out of their way to change that. If they want to do that then they can either 'su ' or hack su. Whatever. It's really not a big deal. Cian ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] [ILUGD-Dev] Linux Security: What it is ?
On 3/25/06, "आशीष शुक्ला \"Wah Java !!\"" <[EMAIL PROTECTED]> wrote: > Now, I'm unable to use "su" program to logon to uid 0 account > because it says there is no user named "root". So, my question is, is it a bug > in "su" program that instead of looking for "root" it should check for user > name > of uid 0, or I'm wrong ? > No, it's not a bug. 'root' is just the username su looks for by default. Read the manpage. You can have as many usernames with uid 0 as you like. Why you'd want many, I don't know. :o) However FreeBSD, for example, ships with two uid 0 users by default - root and toor. toor just has a bourne-again shell rather than plain sh; basically a 'utility' user so you can get an easier-to-use bash environment while leaving root with no-surprises (?) sh. The real user identifier on a Unix system is the uid. The username is just an alias for it, really, for us name-obsessed humans. Even where the superuser is concerned. Cian ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] disable loging for sudo users
On 11/03/06, Gora Mohanty <[EMAIL PROTECTED]> wrote: > You should probably also reconsider turning off logging of commands > run with sudo. With that, if something does go wrong, there is no way > to trace what happened. Rotating logs, or cleaning them out semi- > automatically is a better option, in my opinion. > Agreed. One of the main strengths of having administration commands run via sudo (and discouraging, for example, 'sudo sh' even by those who have ALL privileges) is having an audit trail for superuser access. Why wouldn't you want this? As for rotation, sudo won't generate a lot of log messages under normal use. Perhaps the only reason I can think of for doing this is to cover embarassment - I mean, if you mistype 20% of all your commands ... ;o) Cian ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Meeting to discuss implications of the open culture of the Internet
On 18/02/06, Gora Mohanty <[EMAIL PROTECTED]> wrote: > At the moment, we are interested in obtaining > contact information for a few more panelists, and in > any links to news stories, blogs, etc., in this area. > This is a document I helped prepare back in 2004, during the Irish campaign against the introduction of electronic voting there. The latter half describes of how we felt technology helped us to participate in an openly-run political campaign, and how it might be used in other organisations; it sounds like it might be relevant. http://evoting.cs.may.ie/Documents/icte-demcom.pdf Cian ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/