[HanoiLUG] Ubuntu-sudo usage..

Le Xuan Thao thaolx at gmail.com
Fri Jan 5 05:21:11 ICT 2007 

On Thu, Jan 04, 2007 at 05:46:14PM +0700, Steve  wrote:
> O
> >>
> >> >In the old days, an unauthorized user as root could steal/destroy the
> >> >data of all users, as well as bring the system down, but as an
> >> >unprivileged user, could only steal/destroy that one user's data.  But
> >> >now, there only *is* one user.
> >> Not sure what you mean?  Linux is still just as much a multi-user
> >> system as it ever was.  The difference is that sudo allows individual
> >> users to gain elevated permissions without having to share a password
> >> among everybody.  Note also that sudo's permissions can be very finely
> >> tuned - you can grant one user permission to run one command only if you
> >> so wish.
> >
> , Le Xuan Thao <thaolx at gmail.com> wrote:
> >What he meant is that when you are the only user of the system then
> >system files do not matter as much as in multi-user systems. Your
> >personal files are much more important. If your account is compromised,
> >it's end of story, while in multi-user systems other users can still
> >work normally as long as the attacker does not have root priviledge. So
> >in one-user system su or sudo could be considered as warning when you
> >try to do something that might be dangerous. The "extra protection" is not
> >much since there is no other user to protect. That makes sense to me.
> 
> 
> Problem is that you only think about your own data and your own user.
> Your data is probably not important to many people. (This sounds harsh,
> but it is reality) Most crackers are not interested in your data, they
> are interested in your resources; the computer, your Internet
> connection.
> 
You are absolutely right in this respect. On the other hand, even though
most people are not interested in my own data, the greatest risk to me
is that my data got hold by the wrong hand, be it a competitor or just a
nosy person. Spam and backdoors may be annoying to other people, it does
no more harm to the me. Besides that, I agree with you about the rest. A
computer should be made as secure as possible if using it is still
practical.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.hanoilug.org/pipermail/hanoilug/attachments/20070105/c1bd8bbc/attachment.pgp

More information about the HanoiLUG mailing list