Security :: Using Sudo Instead Of Root Be Safer?
Apr 5, 2011Consider: [URL]
In security terms, would using sudo instead of root be safer? I'd actually prefer to use this if so; I like sudo an awful lot. (It's Mark Shuttleworth's fault)
ADVERTISEMENT
General :: Safer No Password Sudo?
Nov 22, 2010This is on my host machine. I'm the only one using it so it's fairly safe, but I have a very complex password that is hard to type over and over. I use the console for moving files around and executing arbitrary commands a LOT, and I switch terminals, so sudo remembering for the console isn't enough (AND I still have to type in my terrible password at least once!) In the past I have used the NOPASSWD trick in sudoers but I've decided to be more secure. Is there any sort of compromise besides allowing no password access to certain apps? (which can still be insecure) Something that will stop malware and remote logins from sudo rm -rf /-ing me, but in my terminals I can type happily away? Can I have this per terminal, perhaps, so just random commands won't make it through? I've tried running the terminal emulations as sudo, but that puts me as root.
View 6 Replies View RelatedSecurity :: Creating A Safer Web With Content Security Policy?
Mar 22, 2011Quote:One of the new features in Firefox 4 that we are very excited about is Content Security Policy, which is a mechanism that works behind the scenes to prevent some of the more severe web-based attacks against users and websites.Firefox users don?t have to do anything in order to gain this protection. Simply install Firefox 4 and you will instantly receive all of the benefits that Content Security Policy has to offer. Easy!
Ubuntu :: Security Software - Make It Safer ?
Aug 2, 2011Is there any software i need ,to make it safer......
View 5 Replies View RelatedSecurity :: Sudo To Root Without Password?
Jan 26, 2011 We have a couple of clusters that are running Oracle. If you're familiar with Oracle you know that it basically has to be installed as root. Something I detest. anyway, when we are building out the box, we change the root pw and give it to the DBA team to do their installs and configs. When they are done, we change the root pw (and do not give it to them), and configure sudo to allow them the rights needed to manage Oracle and their databases.
Now however, we have a different situation. The DBAs need access to uninstall and reinstall components and make modifications on an ongoing basis. Since we only support OS and hardware, not app, they are requesting permanent root access. I promptly told them no, and the politics ensued. Their manager went to their director, who went to my director, and suddenly an exception is given for his good golfing buddy. So here I am, forced to turn lose DBAs on my clusters with full root access/pw. I need a way to allow specific users (or perhaps a specific user group) the ability to become root WITHOUT sharing the root pw with them.
Security :: Sudo Non-user/non-root Password?
Feb 19, 2010Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.
Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.
General :: Sudo Cd /root Gives Sudo - Cd - Command Not Found
Jan 6, 2011Kernel 2.6.21.5, Slackware 12.0
Code:
Code:
On the other hand
Code:
So, I do not understand why the notification "sudo: cd: command not found", considering cd is a bash built-in command.
Fedora Security :: Cannot Open /var/db/sudo After Sudo Package Upgrade?
Sep 16, 2010A day ago I finally got around to upgrading the PackageKit installation that had been sitting for a week and a half, so I found a new upgrade for sudo available - the one that gives the sudoreplay command, I forget which version number it is exactly. When I try to use the sudo command I get this notice in my terminal:Code:Can't open /var/db/sudo/me/1: Permission deniedI didn't get it before. What do I have to do to make it open? I'm using SELinux in enforcing mode if that helps.
View 1 Replies View RelatedUbuntu :: Can't Cd To Root Acount /home In Terminal - Sudo Cd /root Fails?
Jul 25, 2011can't cd to root acount /home in terminal - sudo cd /root fails?
View 3 Replies View RelatedOpenSUSE Install :: Revert The Changes Or Change The Permissions Again To Root:root Or Make Sudo Work
Aug 10, 2011Accidentally I changed the ownership of all the directories under / to my own instead of root:root. Now I am unable to use sudo and many bad things are happening. Is there a way to revert the changes or change the permissions again to root:root or make sudo work ?
View 3 Replies View RelatedGeneral :: CentOS / Sudo Doesn't Accept Root Password But Logging In As Root Works
Apr 9, 2010I was trying to edit a file requiring root permissions, so I used sudo. I typed the root password and it failed. This happened three times, and the process was ended. I then logged in as root (su) and was able to navigate to the file and make changes as root. Am I missing something? How would I edit the sudoers file such that this password would work? Or is there another way to log in to the sudo group to make these changes? How do I set sudo passwords?
View 1 Replies View RelatedFedora Security :: Terminal Equivalent Of "sudo" Is It Still Sudo/KDEsudo
May 29, 2010I am new to fedora (been using debian based distro's for the longest time). With the new release I decided to give FC13 (The kde 64 bit spin) a try. I told it to wipe my entire hdd and encrypt the partitions. The partition manager made a few LVM partitions which I assume are encrypted.
The problem I am having is that if I attempt to use an application that would normally need root access to run, I am not prompted to enter my root password. Instead, I am required to logout and log back in as root. Is there a way to make it so that FC13 will prompt me to enter in my root password so I do not need to log in and out? Or is there something Different I should have done during the install process? Also, what is the terminal equivalent of "sudo" in fedora, or is it still sudo/KDEsudo
I also have not used SE Linux before. Do I need to manually enforce the permissions for my applications and generate my own profiles for it, or is that done automatically?
Fedora :: Sudo And Root Desactivated Rather Than Su?
Oct 1, 2010I use Fedora 13 LXDE and I want to know how to use sudo with my user passwordnd desactivate the root account rather than the su command like Ubuntu distribs
View 7 Replies View RelatedUbuntu :: Become A Root User Without Using Sudo?
Nov 6, 2010How to become a root user without using sudo?So,that i can become super user to edit configuration files in etc directory.
View 1 Replies View RelatedUbuntu :: Ask For Root Password Instead Of Sudo?
Dec 16, 2010When i install or upgrade the system I want to be asked for the root password instead of just the normal password for sudo. The reason for this is that the kids and so on uses my system and know my password. They do not know my root password though. I do not want them to install or mess up my system by pure fumbling, so is this possible to do. A simple change in who runs the updater/install features...
View 9 Replies View RelatedUbuntu :: Why Is 'sudo' Better Than Logging In As Root?
Jan 25, 2011I don't like about it is the fixation of avoiding root login. I read in the sticky post at the top of this forum that logging into a GUI interface as root is nearly always a bad idea. Why is this? If I have access to the root password, and can simply sudo commands as root, what is the functional difference? The only difference I can see is that I have to continually type in my root password for pretty much everything I do. Elevating a user to root status seems to require a call to the almighty.
I'm usually the only one with access to this system, and I generally like to add in user accounts for any other people that will use the system, and leave root for myself. What is the benefit of requiring 'sudo' all the time?
Fedora :: Sudo Password For Root Not Going?
Oct 29, 2010I need to run a command in a terminal, but cannot get root. I can in "Add Software" to install, I know and tried all the passwords I know from the install, but no show.What can I do?I tried sudo password, then typed in the space, no letters appear, but no success.TO "sudo password" after putting is my password, my username comes up and it says I am not in sudoers file.My Laptop has only one user, I know as I tried switching for a test.
View 12 Replies View RelatedCentOS 5 :: Using Sudo To Change To Root?
Sep 17, 2009A few years ago I fellow admin showed me this command:sudo su - to change to rootIs this a 'best practice' method or a hap hazzard approach to system administration?I consulted with a senior admin and he frowned on this access to root.
View 3 Replies View RelatedUbuntu Security :: Giving Root Permission To An Application But Without Running It As Root?
Jan 20, 2011want to run VirtualBox with root permissions. Trouble is that only when run as root i can access attached USB devices inside of a virtual machine, otherwise, these a greyed out).Now running VirtualBox as a root user also changes the configuration folders, making all my virtual machines already defined disappear. I also don't want to copy all to the root configuration folders. Is there a way to give the VirtualBox root permissions but without actually running the application as a root user. Is it possible to do without changing the permissions of the non-root user, i.e. i don't want my user to have all root permissions, due to security considerations.
View 1 Replies View RelatedSecurity :: Secure FTP - Root Privileges After Logging In Form A Macintosh And Could Browse The Root Directory
Apr 12, 2010I run ProFTPd with TLS authentication on my Debian Lenny server. My problem is that despite of the fact that my users connect chrooted, one of my friends had root privileges after logging in form a Macintosh and could browse the root directory, too.
View 1 Replies View RelatedFedora :: Sudo Running As Root Instead Of Specified User?
Jan 25, 2010I have a weird question about the sudoers file. Currently, I am running "Red Hat Enterprise Linux ES release 4 (Nahant Update 8)".
I edited the sudoers file (via visudo) and added the following:
User_Alias RPTS2 = vtmtest
RPTS2 xxxxx = (jboss) /oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh
The user (vtmtest) issues the following command
sudo /oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh
and gets this message:
user vtmtest is not allowed to execute '/oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh' as root on xxxxx
When I look at the log, I see the following:
Jan 25 14:17:57 xxxxx sudo: vtmtest : command not allowed ; TTY=pts/12 ; PWD=/export/home/vtmtest ; USER=root ; COMMAND=/oracle/app/oracle/apps/rptsd/deploy-jboss/deploy_rpts_jboss.sh
1. Why does sudo try to run as the root user, when I have specified in the command to run as jboss?
2. Do I need to specify anything else so that this command can run as the "jboss" user and not "root"?
Fedora :: User Uses Root Password With Sudo
Sep 20, 2010I want to use root password instead of adding my user to the list of sudoers,In Arch wiki ander Root password:Users can configure sudo to ask for the root password instead of the user password by adding "rootpw" to the Defaults line in /etc/sudoers: but that did not work for me. it asks for root password.Why do I want to do that:
1. I want to do that, I like sudo more than su -c 'some_command'.
2. sudo enables bash completion, su -c does not.
3. I don't want to add my user to sudoers list.
I found many users Suggesting alternatives and lowering the important of my need for this, when I asked this question in anther please.
General :: Make Sudo Ask For The Root Password?
Jul 9, 2010When I run sudo as a normal unprivileged user, it asks for my password, not the root password. That's often convenient, but it reduces the amount of information someone would have to have in order to run commands as root. So how can I make sudo ask for the root password instead of the invoking user's password? I know it'd be done with a line in /etc/sudoers, but I can never seem to properly parse the BNF grammar in the man page to figure out exactly what to write.
View 4 Replies View RelatedUbuntu :: Get Root User Access Without Using Sudo?
Apr 23, 2010It's been a few years since I last installed Ubuntu. I searched the forums and can't seem to find the answer. I want to be able to do a "su root" and have root access. I know Ubuntu wants you to do the sudo command, and I know you can really mess things up being root. I know I got this to work before. What do I need to do?
View 3 Replies View RelatedUbuntu :: OS Started Asking For 'password For Root' Rather Than Sudo
May 29, 2011when I try to do admin tasks - e.g. setting my wireless connection to "available to all users" or updating a group's settings - it asks for "password for root" rather than asking for my password so it can sudo.I was forced to enable the root password, so I could do anything on my system ( sudo su; passwd; ) but I'd rather keep my root password locked and use sudo if possible.
View 4 Replies View RelatedGeneral :: Execute Root Command Without Sudo?
Jan 24, 2010On my ubuntu I have a command pm-suspend, which puts the computer to sleep. It has to be run with sudo. Since it is inconvenient to be forced to type the password every time I want my computer to sleep, I thought maybe there's a way around it. Naively I thought that if I'd create a script as root, that invokes pm-suspend, and then let anyone execute that script, I could run that script as my own user and then that script would be considered run by root and hence be allowed to run pm-suspend. Obviously that didn't work. The root-check procedure in pm-suspend still found out that the original executor was someone different from root.
Still I think something similar (although slightly more elaborate) should work.I'm thinking about the process that allows the user to mount hard drives for example. Normally root is required, but it is somehow bypassed by the gnome utility mounting.
General :: Difference Between Sudo And Root User?
Feb 8, 2010Can a sudo user do everything what a root user can do? I read sometimes expert say "You should run it as root rather than sudo user".
View 14 Replies View RelatedSlackware :: Start Thunar As Root - Won't Run After Sudo
Jun 1, 2011I have been using ubuntu or a derivative distro and perhaps I grew too used to sudo. If it matters I am on Slackware 13.37 and xfce4. I was able to adjust sudoers to allow sudo but I am having difficulties running some progs as root. The biggest concern is trying to start thunar as root. It wont run after sudo, su, or su -l. What am I doing wrong?
View 10 Replies View RelatedSlackware :: Sudo Does Not Allow Access To Root Commands
Feb 22, 2011In order to allow me to shutdown my PC from within fluxbox without being root I ran "visudo" and added the following line:
Code:
psionl0 ALL=(ALL) NOPASSWD: ALL
A check that the line had been accepted showed all ok:
Code:
bash-4.1$ sudo -l
User psionl0 may run the following commands on this host:
(ALL) NOPASSWD: ALL
Yet when I tested it out, I got nowhere:
Code:
bash-4.1$ sudo pkgtool
sudo: pkgtool: command not found
bash-4.1$ sudo shutdown -h now
sudo: shutdown: command not found
bash-4.1$
Have I done something wrong or isn't sudo meant to be used this way?
Ubuntu :: Preferred Use Of Sudo For Root-gaining
Oct 2, 2010Which use of sudo do you prefer to get a root shell?
View 14 Replies View Related
