From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OioVd-0005RD-8H for garchives@archives.gentoo.org; Tue, 10 Aug 2010 13:04:49 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 68EB0E09E8 for ; Tue, 10 Aug 2010 13:04:48 +0000 (UTC) Received: from mail-qy0-f174.google.com (mail-qy0-f174.google.com [209.85.216.174]) by pigeon.gentoo.org (Postfix) with ESMTP id 63D77E0914 for ; Tue, 10 Aug 2010 13:03:20 +0000 (UTC) Received: by qyk7 with SMTP id 7so3205433qyk.19 for ; Tue, 10 Aug 2010 06:03:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=JN5G9c9C/+q/zv33ulQJiaImNLk1wTFJZBqIApGOVsM=; b=Oi//xEgtmD812dQU9gvJVn8bXl8kCqUDDHtb63FcqPpe0exBEKEhTcLyjWSADl9g/X ms2FYtX9XSNiQ7UlcvDmLFTD4yB9woGxs4q6HaPA4AgXIVaSRlbPAP+cOhbKHnmfgZYZ Cpy4d/D4CgpyjbBIZmLHSI88/m/jUj4CPEF20= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=FEtAFTFNrW68s2luAwJM8ndnzpF4sFXdz+/n0Rp4MQ2T48cYngkaUjE20UyCroLisu fUbD5eRplGBIzAxaSwkyb0AMxAM3vrCx1E//WwCFmAGYxADTXQtU3fRAUDIKL0EKmFBX yQPf/xaCe4N9hHEyakOS9CZJxjE7vDJRRKyPc= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.224.47.85 with SMTP id m21mr9407753qaf.384.1281445399433; Tue, 10 Aug 2010 06:03:19 -0700 (PDT) Received: by 10.229.249.213 with HTTP; Tue, 10 Aug 2010 06:03:19 -0700 (PDT) In-Reply-To: <20100810011805.GA15816@linux1> References: <201008092009.38665.michaelkintzios@gmail.com> <4C606312.5060105@gmail.com> <20100810011805.GA15816@linux1> Date: Tue, 10 Aug 2010 06:03:19 -0700 Message-ID: Subject: Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice From: "Kevin O'Gorman" To: gentoo-user@lists.gentoo.org Content-Type: multipart/alternative; boundary=00151750e894d51221048d77c14a X-Archives-Salt: 03706e9d-024f-4d55-bab0-6778ac36e3b4 X-Archives-Hash: 73c1041cd111d37117b3096f4470a083 --00151750e894d51221048d77c14a Content-Type: text/plain; charset=ISO-8859-1 On Mon, Aug 9, 2010 at 6:18 PM, William Hubbs wrote: > On Mon, Aug 09, 2010 at 05:30:40PM -0700, Kevin O'Gorman wrote: > > On Mon, Aug 9, 2010 at 1:20 PM, Bill Longman > wrote: > > > I actually prefer "sudo su -" -- as long as I'm giving it away! :o) > > Afaik, there is no reason for "sudo su -" It should be either > > su - > > or, if you are using sudo, > > sudo -i > > The disadvantage of "su -" is that it requires the user to know the root > password. But, "sudo -i" does the same thing without requiring the user > to know the root password. > > You either didn't think or didn't actually try it. "sudo su -" needs a password, but it's the user password. Running su as root never needs a password. Accordingly, this works on a stock Ubuntu with no root password. "su -" requires the root password unless you're already root, and the root password may or may not exist. I didn't know about "sudo -i" (thanks), but when I tried "sudo -i" it immediately asked for a password, for which the user password was sufficient. So it's entirely equivalent to but slightly shorter than my version. I'll stick with mine because it's made of parts I already know and won't forget. I think that if sudoers don't need to enter passwords, they're still equivalent, but I have not tried this. -- Kevin O'Gorman, PhD --00151750e894d51221048d77c14a Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

On Mon, Aug 9, 2010 at 6:18 PM, William = Hubbs <williamh= @gentoo.org> wrote:
On Mon, Aug 09, 2010 at 05:30:40PM -0700,= Kevin O'Gorman wrote:
> On Mon, Aug 9, 2010 at 1:20 PM, Bill Longman <bill.longman@gmail.com> wrote:
> > I actually prefer "sudo su -" -- as long as I'm giv= ing it away! =A0:o)

Afaik, there is no reason for "sudo su -" =A0It shoul= d be either

su -

or, if you are using sudo,

sudo -i

The disadvantage of "su -" is that it requires the user to know t= he root
password. =A0But, "sudo -i" does the same thing without requiring= the user
to know the root password.

You either didn't = think or didn't actually try it. =A0 "sudo su -" needs a pass= word, but it's the
user password.=A0 Running su as root never needs = a password.=A0 Accordingly, this works on
a stock Ubuntu with no root password.

"su -" requires the= root password unless you're already root, and the root password may or= may not exist.

I didn't know about "sudo -i" (thanks)= , but when I tried "sudo -i" it immediately asked for a password,= for which
the user password was sufficient.=A0 So it's entirely equivalent to but= slightly shorter than my version.=A0 I'll stick with
mine because i= t's made of parts I already know and won't forget.
<= br> I think that if sudoers don't need to enter passwords, they're stil= l equivalent, but I have=A0 not tried this.

--
Kevin O'Gorma= n, PhD

--00151750e894d51221048d77c14a--