From: Ian Zimmerman <itz@very.loosely.org>
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] Re: escape from i3lock
Date: Thu, 11 Jul 2019 09:49:47 -0700 [thread overview]
Message-ID: <20190711164947.jpotcs36eb2ibkm2@matica.foolinux.mooo.com> (raw)
In-Reply-To: <CAC=wYCF0tngNrHr7y2J-XAN5VVci9vzE7BOn3VKKMfLyJWuZjQ@mail.gmail.com>
On 2019-07-11 10:43, Adam Carter wrote:
> > No, it's my way to run things as root, in general. I distrust su, sudo
> > and friends.
> >
>
> su is mature, well understood and the standard way of doing things. If you
> had run an extra term in your X session that had been su'd to root, you
> wouldn't be exposing a root shell at the console. Perhaps your distrust of
> su is making you less secure? You might be thinking in absolutes, eg "su
> is insecure" but its better to think along the lines of "is <some option>
> more or less secure than su?"
I have specific reason for the distrust [1].
Your argument regarding _relative_ security is well taken. But I still
feel that having the root shell outside of my X session would be more
secure, providing I close the switching hole.
[1]
https://www.openwall.com/lists/owl-users/2004/10/20/6
--
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.
next prev parent reply other threads:[~2019-07-11 16:50 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-10 17:03 [gentoo-user] escape from i3lock Ian Zimmerman
2019-07-10 18:44 ` François-Xavier CARTON
2019-07-10 22:48 ` [gentoo-user] " Ian Zimmerman
2019-07-10 23:21 ` artur.tamm.85
2019-07-10 23:46 ` artur.tamm.85
2019-07-11 16:57 ` Ian Zimmerman
2019-07-11 20:47 ` Ian Zimmerman
2019-07-11 21:01 ` artur.tamm.85
2019-07-11 21:10 ` Laurence Perkins
2019-07-12 0:11 ` David Haller
2019-07-12 1:17 ` Laurence Perkins
2019-07-12 8:48 ` Michele Alzetta
2019-07-11 0:43 ` Adam Carter
2019-07-11 16:49 ` Ian Zimmerman [this message]
2019-07-11 20:28 ` Nuno Silva
2019-07-12 16:01 ` Ian Zimmerman
2019-07-12 16:05 ` Michele Alzetta
2019-07-12 16:09 ` Laurence Perkins
2019-07-13 19:11 ` Nuno Silva
2019-07-10 19:23 ` [gentoo-user] " Alec Ten Harmsel
2019-07-10 20:52 ` Neil Bothwick
2019-07-10 21:00 ` Alec Ten Harmsel
2019-07-10 22:45 ` [gentoo-user] " Ian Zimmerman
2019-07-10 21:18 ` [gentoo-user] " Francesco Turco
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190711164947.jpotcs36eb2ibkm2@matica.foolinux.mooo.com \
--to=itz@very.loosely.org \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox