Stroller wrote:
On 14 Nov 2009, at 20:46, Alan McKinnon wrote:
...
You are right of course, but in this particular case the guy who pays
wants to have root access.
And you agreed to work like that?
So when he fucks things up good royal and proper, will he gladly
accept his
shafting and
On Sunday 15 November 2009 07:15:43 Stroller wrote:
On 14 Nov 2009, at 20:46, Alan McKinnon wrote:
...
You are right of course, but in this particular case the guy who pays
wants to have root access.
And you agreed to work like that?
So when he fucks things up good royal and
On Sun, 15 Nov 2009 05:15:43 +, Stroller wrote:
So when he fucks things up good royal and proper, will he gladly
accept his
shafting and pay you more to undo it? Or will he do the usual
customer stunt
and blame you?
My typical experience is that the customer will take it
On Sunday 15 November 2009 10:52:51 Neil Bothwick wrote:
On Sun, 15 Nov 2009 05:15:43 +, Stroller wrote:
So when he fucks things up good royal and proper, will he gladly
accept his
shafting and pay you more to undo it? Or will he do the usual
customer stunt
and blame you?
On 15 Nov 2009, at 08:26, Alan McKinnon wrote:
...
My typical experience is that the customer will take it completely on
the chin and pay me to fix the problems. That doesn't make foul-ups
due to such unnecessary meddling any less frustrating, though.
My experience has been completely the
On Sun, 15 Nov 2009 12:52:41 +0200, Alan McKinnon wrote:
Why not use sudo to give the customer's account almost full root
access? Not only does this allow you to restrict which damaging
commands he can run but sudo logs each command it runs, so you have
CYA insurance.
Double CYA
On Sunday 15 November 2009 14:47:14 Stroller wrote:
I find the root password in a sealed envelope in the safe is the ideal
insurance for that.
Totally agree.
My biggest customer, unfortunately, has taken on a large investment of
capital recently, resulting in a new director who's
On Fri, Nov 13, 2009 at 7:24 PM, Mick michaelkintz...@gmail.com wrote:
On Thursday 12 November 2009 23:08:18 Iain Buchanan wrote:
On Thu, 2009-11-12 at 22:18 +, Mick wrote:
On Thursday 12 November 2009 22:09:01 Alan McKinnon wrote:
Gdm itself has a config option to disallow root logins
On Sat, Nov 14, 2009 at 2:01 AM, Joshua Murphy poiso...@gmail.com wrote:
On Fri, Nov 13, 2009 at 7:24 PM, Mick michaelkintz...@gmail.com wrote:
On Thursday 12 November 2009 23:08:18 Iain Buchanan wrote:
On Thu, 2009-11-12 at 22:18 +, Mick wrote:
On Thursday 12 November 2009 22:09:01 Alan
On Saturday 14 November 2009 07:01:19 Joshua Murphy wrote:
On Fri, Nov 13, 2009 at 7:24 PM, Mick michaelkintz...@gmail.com wrote:
On Thursday 12 November 2009 23:08:18 Iain Buchanan wrote:
On Thu, 2009-11-12 at 22:18 +, Mick wrote:
On Thursday 12 November 2009 22:09:01 Alan McKinnon
On Saturday 14 November 2009 21:32:39 Mick wrote:
Approach security a little more sanely and don't give untrusted users
root access? If you have to take steps to restrict the root account,
you need to rethink who has use of it. Preventing damage in the event
that the system does get
On 14 Nov 2009, at 20:46, Alan McKinnon wrote:
...
You are right of course, but in this particular case the guy who pays
wants to have root access.
And you agreed to work like that?
So when he fucks things up good royal and proper, will he gladly
accept his
shafting and pay you more to
On Thu, Nov 12, 2009 at 3:46 PM, Mick michaelkintz...@gmail.com wrote:
On Thursday 12 November 2009 21:34:24 Paul Hartman wrote:
On Thu, Nov 12, 2009 at 2:01 PM, Mick michaelkintz...@gmail.com wrote:
I should know how to do this ...
It isn't as simple as commenting out vc7 in
On Thursday 12 November 2009 23:08:18 Iain Buchanan wrote:
On Thu, 2009-11-12 at 22:18 +, Mick wrote:
On Thursday 12 November 2009 22:09:01 Alan McKinnon wrote:
Gdm itself has a config option to disallow root logins
Ahh, unfortunately I can only access it remotely via ssh at this
Am Donnerstag 12 November 2009 21:01:45 schrieb Mick:
Is there a trick I could add in /etc/pam.d/login or one of the
/etc/pam.d/gdm* files perhaps?
Use kdm and set AllowRootLogin=false in /usr/share/config/kdm/kdmrc.
HTH...
Dirk
signature.asc
Description: This is a digitally
On Thursday 12 November 2009 20:39:41 Dirk Heinrichs wrote:
Am Donnerstag 12 November 2009 21:01:45 schrieb Mick:
Is there a trick I could add in /etc/pam.d/login or one of the
/etc/pam.d/gdm* files perhaps?
Use kdm and set AllowRootLogin=false in /usr/share/config/kdm/kdmrc.
Thanks, but
Am Donnerstag 12 November 2009 21:56:48 schrieb Mick:
Thanks, but the box in question is running Gnome.
So what? Nothing stops you from starting a gnome session via kdm.
Bye...
Dirk
signature.asc
Description: This is a digitally signed message part.
On Thu, Nov 12, 2009 at 2:01 PM, Mick michaelkintz...@gmail.com wrote:
I should know how to do this ...
It isn't as simple as commenting out vc7 in /etc/securetty, right? The
persistent offenders would try to start another X session on a different vc.
Is there a trick I could add in
On Thursday 12 November 2009 21:34:24 Paul Hartman wrote:
On Thu, Nov 12, 2009 at 2:01 PM, Mick michaelkintz...@gmail.com wrote:
I should know how to do this ...
It isn't as simple as commenting out vc7 in /etc/securetty, right? The
persistent offenders would try to start another X
On Thursday 12 November 2009 23:46:27 Mick wrote:
On Thursday 12 November 2009 21:34:24 Paul Hartman wrote:
On Thu, Nov 12, 2009 at 2:01 PM, Mick michaelkintz...@gmail.com wrote:
I should know how to do this ...
It isn't as simple as commenting out vc7 in /etc/securetty, right? The
Gdm itself has a config option to disallow root logins
On Nov 12, 2009 10:02 PM, Mick michaelkintz...@gmail.com wrote:
I should know how to do this ...
It isn't as simple as commenting out vc7 in /etc/securetty, right? The
persistent offenders would try to start another X session on a
On Thursday 12 November 2009 21:56:00 Alan McKinnon wrote:
On Thursday 12 November 2009 23:46:27 Mick wrote:
On Thursday 12 November 2009 21:34:24 Paul Hartman wrote:
On Thu, Nov 12, 2009 at 2:01 PM, Mick michaelkintz...@gmail.com wrote:
I should know how to do this ...
It isn't
On Thursday 12 November 2009 22:09:01 Alan McKinnon wrote:
Gdm itself has a config option to disallow root logins
Ahh, unfortunately I can only access it remotely via ssh at this stage.
Hopefully the pam method will work fine.
Thanks again.
--
Regards,
Mick
signature.asc
Description: This
On Thu, 2009-11-12 at 22:18 +, Mick wrote:
On Thursday 12 November 2009 22:09:01 Alan McKinnon wrote:
Gdm itself has a config option to disallow root logins
Ahh, unfortunately I can only access it remotely via ssh at this stage.
Hopefully the pam method will work fine.
You don't need
On Fri, 13 Nov 2009 00:08:18 +0100, Iain Buchanan iai...@netspace.net.au
wrote:
However, if someone has the root password to log in to X, then what's to
stop them changing anything you do now?
I've been wondering about the very same thing... Perhaps it's just to only
have a root shell
25 matches
Mail list logo