[784] in linux-security and linux-alert archive
Re: [linux-security] standard users,groups,perms?
daemon@ATHENA.MIT.EDU (Jeff Uphoff)
Tue Jun 11 12:43:29 1996
Date: Tue, 11 Jun 1996 12:12:29 -0400
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
To: linux-security@tarsier.cv.nrao.edu
CC: "Matthew J. Hill" <matt@microhertz.njit.edu>
In-Reply-To: Your message of Mon, June 10, 1996 21:34:57 -0400
"MJH" == Matthew J Hill <matt@microhertz.njit.edu> writes:
MJH> another, equally important issue, is the use of dotfiles. root
MJH> shouldn't have any. *any.*
This is getting heavily into the realm of religion, but I have to mildly
disagree here; one example of a very useful dotfile (well...directory,
in this case):
~root/.ssh/
Oftentimes, due to locally-determined conditions (commonly found in
medium-to-large site installations), root on one system *must* trust
root on another (e.g. for certain types of backups, rdist jobs, and the
like). I'd much rather define that trust in terms of a (possibly
passphrase-protected) SSH key than a vanilla .rhosts file, for obvious
reasons. SSH's encrypted connection is a nice side benefit as well....
MJH> fancy prompts and "alias rm='rm -i'" can only muck things up,
MJH> espically if multiple users share the root account.
A bit of disagreement here too: I find a prompt that really stands out
and SHOUTS a constant reminder that the uid is 0 to be A Good Thing.
--Up.
--
Jeff Uphoff - systems/network admin. | juphoff@nrao.edu
National Radio Astronomy Observatory | juphoff@bofh.org.uk
Charlottesville, VA, USA | jeff.uphoff@linux.org
PGP key available at: http://www.cv.nrao.edu/~juphoff/