Quoting Alessandro Selli (alessandrose...@linux.com): > You still should use sudo, with a password - the user's own password. > Using root password many times, every day, is bad for security (the more > times you type it the higher the chances are it will be captured) and it > instills the desire of an easy to remember and fast to type password.
Sorry to say, I do not concur with either these assumptions or the chain of reasoning provided. For the most part, I've already said why, so if your view on that is different, we can reasonably just agree to disagree. Using a user password as a proxy for the root password is a lot worse for security, IMO -- and in fact hugely weakening of overall system security because you use it in a variety of other places for non-sensitive use-cases, but it also has a secondary use to escalate privilege to root. (Also, no, I do _not_ end up su'ing to root many times every day or typically more than once in very many days.) Something would have to be quite unusual to require using the root password many times every day, in my experience. E.g., sometimes people forget that many needs can be achieved through suitable group membership. However, as I said to Steve Litt, IMO mounting/umounting is, in the general case, security sensitive and ought to be treated with caution, which includes not permitting arbitrary mounts/umounts by unprivileged users. (As someone else said, standard mounts can/should be automated using autofs, where appropriate.) If your views differ, I am glad that works for you. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
