Re: dangerous to leave root logged in?
From: Trygve Selmer (trselmer_at_start.no)
Date: 03/29/05
- Next message: Keith Keller: "Re: dangerous to leave root logged in?"
- Previous message: prg: "Re: dangerous to leave root logged in?"
- In reply to: hans_schulze98_at_yahoo.de: "Re: dangerous to leave root logged in?"
- Next in thread: Unruh: "Re: dangerous to leave root logged in?"
- Reply: Unruh: "Re: dangerous to leave root logged in?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Mar 2005 03:16:39 +0200
hans_schulze98@yahoo.de wrote:
> Keith Keller wrote:
>
>>On 2005-03-28, hans_schulze98@yahoo.de <hans_schulze98@yahoo.de>
>
> wrote:
>
>>>The question is not whether to run things root or not. The
>>>question is if you can leave them sitting logged on as root
>>>when idle.
>>
>>The answer is still the same: you can, but I wouldn't.
>>
>>I think we're still lacking in specifics: what exactly is it
>>that you need to do that you want to have root logged in
>>constantly? Perhaps if you gave details, people would either
>>back off or give you other alternatives you maybe haven't
>>thought of. But so far you've given no compelling reason
>>(for me, anyway) to leave root logged in.
>
> You're right, Keith, I haven't really. Of course, some people are
> impossible to convince, eg those who think it is best to use sudo (and
> type password) for every single command run as root. I am not one of
> them. I want things reasonably easy. Here's some examples (they will
> not convince the die-hards but then nothing can).
Just make it safe! If you need root for specific jobs, run ssh. If you
don't want to type your password each time, use ssh key authentication.
> There's a tool here that checks for updates and tells me which ones are
> out there (about 1 per day), what it updated and why. Every time it
> starts it hogs the cpu and disk for 2 minutes (rpm database or
> whatnot), and you have to stare at the screen for 2 minutes before it
> runs. Or you just leave it running (which I do).
This is what cron is all about.
> There's some email sent to root about small things here and then. You
> can periodically log in to see if there's mail. Or you leave the mailer
> running (which I do).
Make an alias from root to a regular user (your own user account).
> There's small jobs to do with changing config files or changing file
> permissions or moving files between accounts here and then. You can su
> each time. Or you leave a root xterm running.
This is why we have su/sudo.
> And so on. Probably everything can be done with su/sudo per-command,
> probably even on a text terminal. It only takes twice as much typing.
Use ssh to connect remotely for this kind of jobs, even if it means you
have to learn basic CLI programs. X is overkill and unsafe.
- Next message: Keith Keller: "Re: dangerous to leave root logged in?"
- Previous message: prg: "Re: dangerous to leave root logged in?"
- In reply to: hans_schulze98_at_yahoo.de: "Re: dangerous to leave root logged in?"
- Next in thread: Unruh: "Re: dangerous to leave root logged in?"
- Reply: Unruh: "Re: dangerous to leave root logged in?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
