From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OiZkH-0006Zb-3s for garchives@archives.gentoo.org; Mon, 09 Aug 2010 21:18:57 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6F5A2E0BCF; Mon, 9 Aug 2010 21:17:52 +0000 (UTC) Received: from smtp-relay2.uniserve.ca (smtp-relay2f.uniserve.ca [216.113.194.204]) by pigeon.gentoo.org (Postfix) with ESMTP id 4457CE0BCF for ; Mon, 9 Aug 2010 21:17:52 +0000 (UTC) Received: from ip-223.82.126.206.dsl-cust.ca.inter.net ([206.126.82.223] helo=ca.inter.net) by smtp-relay2.uniserve.ca with smtp (Exim 4.69) (envelope-from ) id 1OiZjC-0007Bt-J4 for gentoo-user@lists.gentoo.org; Mon, 09 Aug 2010 14:17:51 -0700 Received: by ca.inter.net (sSMTP sendmail emulation); Mon, 09 Aug 2010 17:17:49 -0400 Date: Mon, 9 Aug 2010 17:17:49 -0400 From: Philip Webb To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice Message-ID: <20100809211749.GF4258@ca.inter.net> Mail-Followup-To: gentoo-user@lists.gentoo.org References: <201008092009.38665.michaelkintzios@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) X-Sender-Info: purslow@ca.inter.net X-Scanner: OK. Scanned. X-Uniserve-Spam-Score: 0.1 1 (/) X-Uniserve-Spam-Report: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.1 RDNS_DYNAMIC Delivered to trusted network by host with dynamic-looking rDNS X-Archives-Salt: ed9a86e7-738b-4b62-b020-d7d88db0f959 X-Archives-Hash: 1d7aadd20040b87ed67bd7cb12ad430f 100809 Robert Bridge wrote: > On Mon, Aug 9, 2010 at 8:09 PM, Mick wrote: >> There have been discussions on this list why sudo is a bad idea >> and sudo on *any* command is an even worse idea. >> You might as well be running everything as root, right? > sudo normally logs the command executed and the account which executes it, > so while not relevant for single user systems, > it STILL has benefits over running as root. I follow 2 simple rules: (1) never start X as root -- I open in a raw terminal, then 'startx', so it's ok to login there as root to get some system fixes done, but of course logout again before starting X as user -- & (2) do all system stuff in a virtual root terminal on its own desktop, where the prompt says 'root' in red letters & the background is black (my user terminal has a white background): that's down in the basement, where all the pipes & wires are & you need a hard hat & safety boots & you need to unlock the basement door, whose key is the root password. also, my user terminal says : 524: gx> which sudo which: no sudo in (/sbin:/usr/sbin:/usr/local/sbin::/bin:/usr/bin:/usr/local/bin:/usr/kde/3.5/bin) -- ========================,,============================================ SUPPORT ___________//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT `-O----------O---' purslowatchassdotutorontodotca