On 10/04/2017 at 23:43, Rick Moen wrote:
> Quoting Alessandro Selli (alessandrose...@linux.com):
>
>>   You still should use sudo, with a password - the user's own password. 
>> Using root password many times, every day, is bad for security (the more
>> times you type it the higher the chances are it will be captured) and it
>> instills the desire of an easy to remember and fast to type password.
> Sorry to say, I do not concur with either these assumptions or the chain
> of reasoning provided.  For the most part, I've already said why, so if
> your view on that is different, we can reasonably just agree to
> disagree.
>
> Using a user password as a proxy for the root password is a lot worse
> for security, IMO -- and in fact hugely weakening of overall system
> security because you use it in a variety of other places for
> non-sensitive use-cases,

  IMO, using root's password in those same cases is the worst possible
password use case.  One thing is your non-privileged user's password
being captured when you mount an external drive, a different thing is
giving away root's password performing the same trivial task.

> but it also has a secondary use to escalate
> privilege to root.

  Just like using su does.

>   (Also, no, I do _not_ end up su'ing to root many
> times every day or typically more than once in very many days.)

  Well, at work I often need to use both my own and fellow colleagues'
drives.  But your experience might be well different compared to mine.

> Something would have to be quite unusual to require using the root
> password many times every day, in my experience.

  Needing to type it just to mount an external drive increases the
chances it will be used many times when easily avoidable.

>   E.g., sometimes people
> forget that many needs can be achieved through suitable group
> membership.

  This too would be a better solution than having to use su to just
mount external drives.

>  However, as I said to Steve Litt, IMO mounting/umounting
> is, in the general case, security sensitive and ought to be treated with
> caution, which includes not permitting arbitrary mounts/umounts by 
> unprivileged users.

  This is precisely the reason I suggested using sudo, which allows
fine-tuning who gets to do what as another user.

>   (As someone else said, standard mounts can/should
> be automated using autofs, where appropriate.)

  This too is much better than having to use su.

> If your views differ, I am glad that works for you.

  I actually do not use sudo to mount external drives, just to
cryptsetup then open/close.



-- 
Alessandro Selli <alessandrose...@linux.com>
Tel. 3701355486
VOIP SIP: dhatarat...@ekiga.net
Chiave PGP/GPG key: B7FD89FD
