Re: dangerous to leave root logged in?

From: Michael Zawrotny (zawrotny_at_sb.fsu.edu)
Date: 03/30/05


Date: 30 Mar 2005 17:36:00 GMT

Shane (aka froggy) <spamspamuber.l33t.god@spamgmail.com> wrote:
>
> > But if he has four xterms open, one of which is a root shell, he
> > might accidentally get the focus into the wrong one.
> >
>
> I am constantly guilty of this. I have multiple xterms open, some
> with root logged in, and the number of times I have executed
> commands as root when I meant to do this as a user is to the point
> you would have thought I have learnt my lesson by now (usually I
> wince for an hour or so then go right back to doing it)

I avoid this with a short shell script (see below) that I call "rw" for
"root window" that sets the background color to one color if it is a
local root, and a different one if it is remote. This way I am clued
in immediately by the background color about whether a given window is
running as my regular user account, local root, or remote root.

That being said, I screen lock my workstation when I walk away from
it, and my office door is set so that it locks when it is closed. I
would never leave an unlocked root window/console on a machine used by
regular (non-privileged) users.

If the OP insists on leaving root logged in on a multi-user machine,
despite the recommendations of everyone here (myself included), the
best that he can do is to set the screensaver to lock after one minute
of idle time (for X), and/or religiously use either "vlock" or
"lockvt" (for console) when walking away from the machine. But these
are at least somewhat fragile in that they rely on either a small
timeout or remembering to lock *every* time you walk away. So the
answer still mostly boils down to "don't do that".

mez{~}$ more ~/bin/rw
#!/bin/sh

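# No argument: local root shell via su. With a hostname argument:
# remote root shell via ssh. Each case gets its own background colour.
if [ $# = 0 ] ; then
    bg=lightblue
    host=`hostname | perl -pe 's/\..*//'`   # short hostname, domain stripped
    root="su -"
else
    bg=cadetblue
    host=$1
    root="ssh $host -l root"
fi

title="root@${host}"

PATH=${PATH}:/usr/X11R6/bin
# $root is left unquoted on purpose so it splits into command and arguments.
xterm -bg "$bg" -fg black -fn 7x14 -title "$title" -e $root &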
# end of rw script

Mike

-- 
Michael Zawrotny
Institute of Molecular Biophysics
Florida State University                | email:  zawrotny@sb.fsu.edu
Tallahassee, FL 32306-4380              | phone:  (850) 644-0069
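
The colour cue described in the message above only applies to windows started through "rw". As an added example that is not part of the original post, the same cue can be set from root's shell startup file so that any root shell recolours the terminal it runs in. Assumptions: the function names are hypothetical, the terminal honours xterm's OSC 11 (background) and OSC 2 (title) sequences, and SSH_CONNECTION is present only when root logged in directly over ssh (a "su -" after a user ssh login clears it and is classified as local root).

```shell
#!/bin/sh
# Added example, not from the original post. Source it from root's shell
# startup file; function names are hypothetical.

# session_kind UID SSH_CONNECTION -> user | local-root | remote-root
session_kind() {
    uid=$1
    ssh_conn=$2
    if [ "$uid" -ne 0 ]; then
        echo user
    elif [ -n "$ssh_conn" ]; then
        echo remote-root
    else
        echo local-root
    fi
}

# kind_colour KIND -> X11 colour name (same colours as the rw script),
# or an empty string when the terminal should be left alone.
kind_colour() {
    case $1 in
        local-root)  echo lightblue ;;
        remote-root) echo cadetblue ;;
        *)           echo "" ;;
    esac
}

# apply_colour: recolour and retitle the current terminal for root shells.
apply_colour() {
    kind=$(session_kind "$(id -u)" "${SSH_CONNECTION:-}")
    colour=$(kind_colour "$kind")
    # Only write escape sequences to a real terminal, and only for root.
    if [ -n "$colour" ] && [ -t 1 ]; then
        printf '\033]11;%s\007' "$colour"                      # OSC 11: background
        printf '\033]2;root@%s\007' "$(hostname | sed 's/\..*//')"  # OSC 2: title
    fi
}

apply_colour
```

The colour stays set after the root shell exits, so the regular user's startup file needs to restore its own background the same way.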

