Security :: Using Sudo Instead Of Root Be Safer?

Apr 5, 2011

Consider: [URL]

In security terms, would using sudo instead of root be safer? I'd actually prefer to use this if so; I like sudo an awful lot. (It's Mark Shuttleworth's fault)

View 10 Replies


ADVERTISEMENT

General :: Safer No Password Sudo?

Nov 22, 2010

This is on my host machine. I'm the only one using it so it's fairly safe, but I have a very complex password that is hard to type over and over. I use the console for moving files around and executing arbitrary commands a LOT, and I switch terminals, so sudo remembering for the console isn't enough (AND I still have to type in my terrible password at least once!) In the past I have used the NOPASSWD trick in sudoers but I've decided to be more secure. Is there any sort of compromise besides allowing no password access to certain apps? (which can still be insecure) Something that will stop malware and remote logins from sudo rm -rf /-ing me, but in my terminals I can type happily away? Can I have this per terminal, perhaps, so just random commands won't make it through? I've tried running the terminal emulations as sudo, but that puts me as root.

View 6 Replies View Related

Security :: Creating A Safer Web With Content Security Policy?

Mar 22, 2011

Quote:One of the new features in Firefox 4 that we are very excited about is Content Security Policy, which is a mechanism that works behind the scenes to prevent some of the more severe web-based attacks against users and websites.Firefox users don?t have to do anything in order to gain this protection. Simply install Firefox 4 and you will instantly receive all of the benefits that Content Security Policy has to offer. Easy!

View 1 Replies View Related

Ubuntu :: Security Software - Make It Safer ?

Aug 2, 2011

Is there any software i need ,to make it safer......

View 5 Replies View Related

Security :: Sudo To Root Without Password?

Jan 26, 2011

We have a couple of clusters that are running Oracle. If you're familiar with Oracle you know that it basically has to be installed as root. Something I detest. anyway, when we are building out the box, we change the root pw and give it to the DBA team to do their installs and configs. When they are done, we change the root pw (and do not give it to them), and configure sudo to allow them the rights needed to manage Oracle and their databases.

Now however, we have a different situation. The DBAs need access to uninstall and reinstall components and make modifications on an ongoing basis. Since we only support OS and hardware, not app, they are requesting permanent root access. I promptly told them no, and the politics ensued. Their manager went to their director, who went to my director, and suddenly an exception is given for his good golfing buddy. So here I am, forced to turn lose DBAs on my clusters with full root access/pw. I need a way to allow specific users (or perhaps a specific user group) the ability to become root WITHOUT sharing the root pw with them.

View 3 Replies View Related

Security :: Sudo Non-user/non-root Password?

Feb 19, 2010

Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.

Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.

View 3 Replies View Related

General :: Sudo Cd /root Gives Sudo - Cd - Command Not Found

Jan 6, 2011

Kernel 2.6.21.5, Slackware 12.0

Code:

Code:

On the other hand

Code:

So, I do not understand why the notification "sudo: cd: command not found", considering cd is a bash built-in command.

View 3 Replies View Related

Fedora Security :: Cannot Open /var/db/sudo After Sudo Package Upgrade?

Sep 16, 2010

A day ago I finally got around to upgrading the PackageKit installation that had been sitting for a week and a half, so I found a new upgrade for sudo available - the one that gives the sudoreplay command, I forget which version number it is exactly. When I try to use the sudo command I get this notice in my terminal:Code:Can't open /var/db/sudo/me/1: Permission deniedI didn't get it before. What do I have to do to make it open? I'm using SELinux in enforcing mode if that helps.

View 1 Replies View Related

Ubuntu :: Can't Cd To Root Acount /home In Terminal - Sudo Cd /root Fails?

Jul 25, 2011

can't cd to root acount /home in terminal - sudo cd /root fails?

View 3 Replies View Related

OpenSUSE Install :: Revert The Changes Or Change The Permissions Again To Root:root Or Make Sudo Work

Aug 10, 2011

Accidentally I changed the ownership of all the directories under / to my own instead of root:root. Now I am unable to use sudo and many bad things are happening. Is there a way to revert the changes or change the permissions again to root:root or make sudo work ?

View 3 Replies View Related

General :: CentOS / Sudo Doesn't Accept Root Password But Logging In As Root Works

Apr 9, 2010

I was trying to edit a file requiring root permissions, so I used sudo. I typed the root password and it failed. This happened three times, and the process was ended. I then logged in as root (su) and was able to navigate to the file and make changes as root. Am I missing something? How would I edit the sudoers file such that this password would work? Or is there another way to log in to the sudo group to make these changes? How do I set sudo passwords?

View 1 Replies View Related

Fedora Security :: Terminal Equivalent Of "sudo" Is It Still Sudo/KDEsudo

May 29, 2010

I am new to fedora (been using debian based distro's for the longest time). With the new release I decided to give FC13 (The kde 64 bit spin) a try. I told it to wipe my entire hdd and encrypt the partitions. The partition manager made a few LVM partitions which I assume are encrypted.

The problem I am having is that if I attempt to use an application that would normally need root access to run, I am not prompted to enter my root password. Instead, I am required to logout and log back in as root. Is there a way to make it so that FC13 will prompt me to enter in my root password so I do not need to log in and out? Or is there something Different I should have done during the install process? Also, what is the terminal equivalent of "sudo" in fedora, or is it still sudo/KDEsudo

I also have not used SE Linux before. Do I need to manually enforce the permissions for my applications and generate my own profiles for it, or is that done automatically?

View 14 Replies View Related

Fedora :: Sudo And Root Desactivated Rather Than Su?

Oct 1, 2010

I use Fedora 13 LXDE and I want to know how to use sudo with my user passwordnd desactivate the root account rather than the su command like Ubuntu distribs

View 7 Replies View Related

Ubuntu :: Become A Root User Without Using Sudo?

Nov 6, 2010

How to become a root user without using sudo?So,that i can become super user to edit configuration files in etc directory.

View 1 Replies View Related

Ubuntu :: Ask For Root Password Instead Of Sudo?

Dec 16, 2010

When i install or upgrade the system I want to be asked for the root password instead of just the normal password for sudo. The reason for this is that the kids and so on uses my system and know my password. They do not know my root password though. I do not want them to install or mess up my system by pure fumbling, so is this possible to do. A simple change in who runs the updater/install features...

View 9 Replies View Related

Ubuntu :: Why Is 'sudo' Better Than Logging In As Root?

Jan 25, 2011

I don't like about it is the fixation of avoiding root login. I read in the sticky post at the top of this forum that logging into a GUI interface as root is nearly always a bad idea. Why is this? If I have access to the root password, and can simply sudo commands as root, what is the functional difference? The only difference I can see is that I have to continually type in my root password for pretty much everything I do. Elevating a user to root status seems to require a call to the almighty.

I'm usually the only one with access to this system, and I generally like to add in user accounts for any other people that will use the system, and leave root for myself. What is the benefit of requiring 'sudo' all the time?

View 8 Replies View Related

Fedora :: Sudo Password For Root Not Going?

Oct 29, 2010

I need to run a command in a terminal, but cannot get root. I can in "Add Software" to install, I know and tried all the passwords I know from the install, but no show.What can I do?I tried sudo password, then typed in the space, no letters appear, but no success.TO "sudo password" after putting is my password, my username comes up and it says I am not in sudoers file.My Laptop has only one user, I know as I tried switching for a test.

View 12 Replies View Related

CentOS 5 :: Using Sudo To Change To Root?

Sep 17, 2009

A few years ago I fellow admin showed me this command:sudo su - to change to rootIs this a 'best practice' method or a hap hazzard approach to system administration?I consulted with a senior admin and he frowned on this access to root.

View 3 Replies View Related

Ubuntu Security :: Giving Root Permission To An Application But Without Running It As Root?

Jan 20, 2011

want to run VirtualBox with root permissions. Trouble is that only when run as root i can access attached USB devices inside of a virtual machine, otherwise, these a greyed out).Now running VirtualBox as a root user also changes the configuration folders, making all my virtual machines already defined disappear. I also don't want to copy all to the root configuration folders. Is there a way to give the VirtualBox root permissions but without actually running the application as a root user. Is it possible to do without changing the permissions of the non-root user, i.e. i don't want my user to have all root permissions, due to security considerations.

View 1 Replies View Related

Security :: Secure FTP - Root Privileges After Logging In Form A Macintosh And Could Browse The Root Directory

Apr 12, 2010

I run ProFTPd with TLS authentication on my Debian Lenny server. My problem is that despite of the fact that my users connect chrooted, one of my friends had root privileges after logging in form a Macintosh and could browse the root directory, too.

View 1 Replies View Related

Fedora :: Sudo Running As Root Instead Of Specified User?

Jan 25, 2010

I have a weird question about the sudoers file. Currently, I am running "Red Hat Enterprise Linux ES release 4 (Nahant Update 8)".

I edited the sudoers file (via visudo) and added the following:

User_Alias RPTS2 = vtmtest

RPTS2 xxxxx = (jboss) /oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh

The user (vtmtest) issues the following command

sudo /oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh

and gets this message:

user vtmtest is not allowed to execute '/oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh' as root on xxxxx

When I look at the log, I see the following:

Jan 25 14:17:57 xxxxx sudo: vtmtest : command not allowed ; TTY=pts/12 ; PWD=/export/home/vtmtest ; USER=root ; COMMAND=/oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh

1. Why does sudo try to run as the root user, when I have specified in the command to run as jboss?

2. Do I need to specify anything else so that this command can run as the "jboss" user and not "root"?

View 2 Replies View Related

Fedora :: User Uses Root Password With Sudo

Sep 20, 2010

I want to use root password instead of adding my user to the list of sudoers,In Arch wiki ander Root password:Users can configure sudo to ask for the root password instead of the user password by adding "rootpw" to the Defaults line in /etc/sudoers: but that did not work for me. it asks for root password.Why do I want to do that:
1. I want to do that, I like sudo more than su -c 'some_command'.
2. sudo enables bash completion, su -c does not.
3. I don't want to add my user to sudoers list.

I found many users Suggesting alternatives and lowering the important of my need for this, when I asked this question in anther please.

View 8 Replies View Related

General :: Make Sudo Ask For The Root Password?

Jul 9, 2010

When I run sudo as a normal unprivileged user, it asks for my password, not the root password. That's often convenient, but it reduces the amount of information someone would have to have in order to run commands as root. So how can I make sudo ask for the root password instead of the invoking user's password? I know it'd be done with a line in /etc/sudoers, but I can never seem to properly parse the BNF grammar in the man page to figure out exactly what to write.

View 4 Replies View Related

Ubuntu :: Get Root User Access Without Using Sudo?

Apr 23, 2010

It's been a few years since I last installed Ubuntu. I searched the forums and can't seem to find the answer. I want to be able to do a "su root" and have root access. I know Ubuntu wants you to do the sudo command, and I know you can really mess things up being root. I know I got this to work before. What do I need to do?

View 3 Replies View Related

Ubuntu :: OS Started Asking For 'password For Root' Rather Than Sudo

May 29, 2011

when I try to do admin tasks - e.g. setting my wireless connection to "available to all users" or updating a group's settings - it asks for "password for root" rather than asking for my password so it can sudo.I was forced to enable the root password, so I could do anything on my system ( sudo su; passwd; ) but I'd rather keep my root password locked and use sudo if possible.

View 4 Replies View Related

General :: Execute Root Command Without Sudo?

Jan 24, 2010

On my ubuntu I have a command pm-suspend, which puts the computer to sleep. It has to be run with sudo. Since it is inconvenient to be forced to type the password every time I want my computer to sleep, I thought maybe there's a way around it. Naively I thought that if I'd create a script as root, that invokes pm-suspend, and then let anyone execute that script, I could run that script as my own user and then that script would be considered run by root and hence be allowed to run pm-suspend. Obviously that didn't work. The root-check procedure in pm-suspend still found out that the original executor was someone different from root.

Still I think something similar (although slightly more elaborate) should work.I'm thinking about the process that allows the user to mount hard drives for example. Normally root is required, but it is somehow bypassed by the gnome utility mounting.

View 8 Replies View Related

General :: Difference Between Sudo And Root User?

Feb 8, 2010

Can a sudo user do everything what a root user can do? I read sometimes expert say "You should run it as root rather than sudo user".

View 14 Replies View Related

Slackware :: Start Thunar As Root - Won't Run After Sudo

Jun 1, 2011

I have been using ubuntu or a derivative distro and perhaps I grew too used to sudo. If it matters I am on Slackware 13.37 and xfce4. I was able to adjust sudoers to allow sudo but I am having difficulties running some progs as root. The biggest concern is trying to start thunar as root. It wont run after sudo, su, or su -l. What am I doing wrong?

View 10 Replies View Related

Slackware :: Sudo Does Not Allow Access To Root Commands

Feb 22, 2011

In order to allow me to shutdown my PC from within fluxbox without being root I ran "visudo" and added the following line:

Code:

psionl0 ALL=(ALL) NOPASSWD: ALL

A check that the line had been accepted showed all ok:

Code:

bash-4.1$ sudo -l

User psionl0 may run the following commands on this host:

(ALL) NOPASSWD: ALL

Yet when I tested it out, I got nowhere:

Code:

bash-4.1$ sudo pkgtool
sudo: pkgtool: command not found
bash-4.1$ sudo shutdown -h now
sudo: shutdown: command not found
bash-4.1$

Have I done something wrong or isn't sudo meant to be used this way?

View 12 Replies View Related

Ubuntu :: Preferred Use Of Sudo For Root-gaining

Oct 2, 2010

Which use of sudo do you prefer to get a root shell?

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved