Hello,
R. G. Newbury wrote:
Mikkel L. Ellertson wrote:
After all, we do not want to see Linux systems that are as insecure
as Windows systems are by default. Running as root all the tine
defeats most of the security of a Linux system.
Mikkel
Well how *exactly* does running *as root*
On Sat, 2008-12-06 at 19:34 -0500, R. G. Newbury wrote:
Mikkel L. Ellertson wrote:
After all, we do not want to see Linux systems that are as insecure
as Windows systems are by default. Running as root all the tine
defeats most of the security of a Linux system.
Mikkel
Well how
Fred Silsbee wrote:
You don't see it do you!
No. I obviously only want to control you by arguing for a reasonable
*default* setting.
What you are proposing would take a massive intricate system to
protect people from themselves.
Hardly. What I have suggested is what is already being done
Gene Heskett wrote:
--- On Sat, 12/6/08, Todd Zullinger [EMAIL PROTECTED] wrote:
Gene Heskett wrote:
Apparently so, but then the install doesn't add the one user it
asks you to define to the sudoers file, and to fix that requires
a reboot to single mode.
No it doesn't. You run su -c visudo
Tim:
Compared to logging in graphically as root leaves you
much more open to security flaws in the graphical systems doing much
more than you were doing.
Tom Horsley:
Ah yes, here it is again - GUIS are horribly flawed and
ridden through with security bugs.
No... Complex things are more
Fred Silsbee wrote:
You don't see it do you! What you are proposing would take a
massive intricate system to protect people from themselves. SELINUX
is already a super mess duplicating controls already in place and
adding to the CPU burden.
One thing you seem to be missing - this is not
Tom Horsley wrote:
On Sat, 06 Dec 2008 16:10:36 +1030
Tim [EMAIL PROTECTED] wrote:
Compared to logging in graphically as root leaves you
much more open to security flaws in the graphical systems doing much
more than you were doing.
Ah yes, here it is again - GUIS are horribly flawed and
--- On Sat, 12/6/08, Mikkel L. Ellertson [EMAIL PROTECTED] wrote:
From: Mikkel L. Ellertson [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: Community assistance, encouragement, and advice for using Fedora.
fedora-list@redhat.com
Date: Saturday, December 6, 2008, 3:54 PM
Fred Silsbee
On Sat, 2008-12-06 at 01:42 -0500, Tom Horsley wrote:
On Sat, 06 Dec 2008 16:10:36 +1030
Tim [EMAIL PROTECTED] wrote:
Compared to logging in graphically as root leaves you
much more open to security flaws in the graphical systems doing much
more than you were doing.
Ah yes, here it is
--- On Sat, 12/6/08, Mikkel L. Ellertson [EMAIL PROTECTED] wrote:
From: Mikkel L. Ellertson [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: Community assistance, encouragement, and advice for using Fedora.
fedora-list@redhat.com
Date: Saturday, December 6, 2008, 3:59 PM
Tom Horsley
--- On Sat, 12/6/08, Craig White [EMAIL PROTECTED] wrote:
From: Craig White [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: Community assistance, encouragement, and advice for using Fedora.
fedora-list@redhat.com
Date: Saturday, December 6, 2008, 4:11 PM
On Sat, 2008-12-06 at 01:42
I'm please Fedora 10 ships with graphical root logins disabled by
default. It is an excellent security step. I have a test system set up
downstairs that I have been using quite a bit. For the first time I'm
using SELinux in full enforcing mode and I'm not seeing terrible
problems (at least not
Robert L Cochran wrote:
I'm please Fedora 10 ships with graphical root logins disabled by
default.
I must say I haven't noticed that, as I haven't logged in as root for years.
But I do recall one time when it was useful,
when my home directory was damaged in some way.
I was going to say, I
Fred Silsbee wrote:
EEEWWW! save me from making a mistake..PLEASE!
Pontius Pilate in the movie Ben Hur:
we mature through fault, we progress through error
If a newbie screws up his computer, he will learn a lot from
having to start over!
What would be better: send you to his
Timothy Murphy wrote:
Robert L Cochran wrote:
I'm please Fedora 10 ships with graphical root logins disabled by
default.
I must say I haven't noticed that, as I haven't logged in as root for years.
But I do recall one time when it was useful,
when my home directory was damaged in some
Timothy Murphy wrote:
I was going to say, I suppose one could always go into text mode,
but as far as I can see, Ctrl-Alt-F1 no longer does this?
X is now started on VT1, which is where Ctrl-Alt-F1 takes you. But
you still have VT2-VT6. Just use Ctrl-Alt-F2 to get to text mode.
--
Todd
--- On Sat, 12/6/08, Mikkel L. Ellertson [EMAIL PROTECTED] wrote:
From: Mikkel L. Ellertson [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: Community assistance, encouragement, and advice for using Fedora.
fedora-list@redhat.com
Date: Saturday, December 6, 2008, 7:19 PM
Fred Silsbee
Mikkel L. Ellertson wrote:
After all, we do not want to see Linux systems that are as insecure
as Windows systems are by default. Running as root all the tine
defeats most of the security of a Linux system.
Mikkel
Well how *exactly* does running *as root* defeat *most* of the security
of a
R. G. Newbury wrote:
Mikkel L. Ellertson wrote:
After all, we do not want to see Linux systems that are as insecure
as Windows systems are by default. Running as root all the tine
defeats most of the security of a Linux system.
Mikkel
Well how *exactly* does running *as root* defeat *most*
I upgraded a throw away test system from FC 8 to FC 10. When it
finished, I tried logging in as root user and could not.
Logging in as a normal user I went to a text session and the su command
worked with the old root password.
Did I do something wrong or is this something new to 10?
the file, log out, log back in,
end you should be able to access asroot... Date: Fri, 5 Dec 2008 03:20:02
-0700 From: [EMAIL PROTECTED] To: fedora-list@redhat.com Subject: root in FC
10 I upgraded a throw away test system from FC 8 to FC 10. When it
finished, I tried logging in as root user
(or something like that)
comment out the line, or delete it...
save the file, log out, log back in, end you should be able to access as
root...
Date: Fri, 5 Dec 2008 03:20:02 -0700
From: [EMAIL PROTECTED]
To: fedora-list@redhat.com
Subject: root in FC 10
I upgraded a throw away test system from FC 8
2008/12/5 Mike Dwiggins [EMAIL PROTECTED]:
I upgraded a throw away test system from FC 8 to FC 10. When it finished, I
tried logging in as root user and could not.
Logging in as a normal user I went to a text session and the su command
worked with the old root password.
Did I do something
Dave Cross wrote:
2008/12/5 Mike Dwiggins [EMAIL PROTECTED]:
I upgraded a throw away test system from FC 8 to FC 10. When it finished, I
tried logging in as root user and could not.
Logging in as a normal user I went to a text session and the su command
worked with the old root password.
to log in as root...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Robert Moskowitz
Sent: Friday, December 05, 2008 4:35 AM
To: Community assistance, encouragement,and advice for using Fedora.
Subject: Re: root in FC 10
Dave Cross wrote:
2008/12/5
, encouragement,and advice for using Fedora.
Subject: Re: root in FC 10
bruce wrote:
hey robert.
Bruce, avoid top posting...
do a search, look for pam/gdm/root/user... there's a config file that can
be
modified to allow for initial root login initially at the start..
Already done that. Just
On Friday 05 December 2008 10:20:02 Mike Dwiggins wrote:
I upgraded a throw away test system from FC 8 to FC 10. When it
finished, I tried logging in as root user and could not.
Logging in as a normal user I went to a text session and the su command
worked with the old root password.
Did I
Nick Price wrote:
Hi
I had the same problem
do this... got this from this group earlier and it worked for me
su - root
password: whatever it is
edit /etc/pam.d
vi /etc/pam.d (or use your favorite editor)
look for a line that has:
user != root (or something like that)
comment
From: Robert Moskowitz [EMAIL PROTECTED]
Already done that. Just chirping in again about why someone relatively
sane would want to log in as root...
Because he's actually, you know, SANE and does not get an attack of the
vapours and go all weak-kneed at the thought of actually doing something
--- On Fri, 12/5/08, R. G. Newbury [EMAIL PROTECTED] wrote:
From: R. G. Newbury [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: fedora-list@redhat.com
Date: Friday, December 5, 2008, 4:25 PM
From: Robert Moskowitz [EMAIL PROTECTED]
Already done that. Just chirping in again about why
On Fri, 5 Dec 2008 08:25:15 -0500
Robert Moskowitz [EMAIL PROTECTED] wrote:
Already done that. Just chirping in again about why
someone relatively sane would want to log in as root...
I'm sure that I will get blasted for writing this but this
is an issue that seems overdone. Whatever
--- On Fri, 12/5/08, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: fedora-list@redhat.com
Date: Friday, December 5, 2008, 4:56 PM
On Fri, 5 Dec 2008 08:25:15 -0500
Robert Moskowitz [EMAIL PROTECTED] wrote:
Already
On Friday 05 December 2008, Dave Cross wrote:
2008/12/5 Mike Dwiggins [EMAIL PROTECTED]:
I upgraded a throw away test system from FC 8 to FC 10. When it finished,
I tried logging in as root user and could not.
Logging in as a normal user I went to a text session and the su command
worked
--- On Fri, 12/5/08, Gene Heskett [EMAIL PROTECTED] wrote:
From: Gene Heskett [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: Community assistance, encouragement, and advice for using Fedora.
fedora-list@redhat.com
Date: Friday, December 5, 2008, 6:20 PM
On Friday 05 December 2008
On Friday 05 December 2008, Fred Silsbee wrote:
why not let everybody do as they please?
That folks, is the crux of the matter right there.
If somebody then makes a mess, it is their problem
Which when there are problems, we try to solve, and if its beyond our
knowledge, yell for help with.
On Fri, 5 Dec 2008 09:32:45 -0800 (PST)
Fred Silsbee [EMAIL PROTECTED] wrote:
nothing wrong with your reasoning except that you can't
constrain everybody to accept *your* logic
such is the stuff of religious wars
live and let live
You are right. I learned that lesson from the Prop 8
Gene Heskett wrote:
Disabling root login is a common security practice. Sounds like it's
been disabled by default in F10. That's got to be a good thing.
Apparently so, but then the install doesn't add the one user it asks
you to define to the sudoers file, and to fix that requires a reboot
to
--- On Sat, 12/6/08, Todd Zullinger [EMAIL PROTECTED] wrote:
From: Todd Zullinger [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: fedora-list@redhat.com
Date: Saturday, December 6, 2008, 12:04 AM
Gene Heskett wrote:
Disabling root login is a common security practice.
Sounds like it's
Fred Silsbee wrote:
disabling root access is what the root password is for
Perhaps there's a misunderstanding here. Root access has not been
disabled. What is disabled by default is logging in via GDM as root.
You can still use su -c 'command' just fine. That is a far better
method than
On Fri, 2008-12-05 at 11:56 -0500, [EMAIL PROTECTED] wrote:
Again, I am unable to appreciate a great deal of difference between
logging in as root and using su providing that you are only logging in
as root to do system configuration and maintenance.
The significant difference between them is
On Fri, 2008-12-05 at 21:02 -0800, Fred Silsbee wrote:
I've been logging into root for 11.5 tears on Linux alone without
problems
And others have been logging in as root for umpteen years and causing
themselves considerable problems because of this. At least one of them
is on this list, and
On Sat, 06 Dec 2008 16:10:36 +1030
Tim [EMAIL PROTECTED] wrote:
Compared to logging in graphically as root leaves you
much more open to security flaws in the graphical systems doing much
more than you were doing.
Ah yes, here it is again - GUIS are horribly flawed and
ridden through with
--- On Sat, 12/6/08, Tom Horsley [EMAIL PROTECTED] wrote:
From: Tom Horsley [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: fedora-list@redhat.com
Date: Saturday, December 6, 2008, 6:42 AM
On Sat, 06 Dec 2008 16:10:36 +1030
Tim [EMAIL PROTECTED] wrote:
Compared to logging
Tom Horsley wrote:
On Sat, 06 Dec 2008 16:10:36 +1030 Tim
[EMAIL PROTECTED] wrote:
Compared to logging in graphically as root leaves you much more
open to security flaws in the graphical systems doing much more
than you were doing.
Ah yes, here it is again - GUIS are horribly flawed and
--- On Sat, 12/6/08, Todd Zullinger [EMAIL PROTECTED] wrote:
From: Todd Zullinger [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: fedora-list@redhat.com
Date: Saturday, December 6, 2008, 7:32 AM
Tom Horsley wrote:
On Sat, 06 Dec 2008 16:10:36 +1030 Tim
[EMAIL PROTECTED] wrote
On Saturday 06 December 2008, Fred Silsbee wrote:
--- On Sat, 12/6/08, Todd Zullinger [EMAIL PROTECTED] wrote:
From: Todd Zullinger [EMAIL PROTECTED]
Subject: Re: root in FC 10
To: fedora-list@redhat.com
Date: Saturday, December 6, 2008, 12:04 AM
Gene Heskett wrote:
Disabling root login
46 matches
Mail list logo