On Fri, 22 Sep 2017 at 19:56:27 -0400 Hendrik Boom <hend...@topoi.pooq.com> wrote:
> On Fri, Sep 22, 2017 at 06:27:59AM +0100, KatolaZ wrote: >> On Thu, Sep 21, 2017 at 09:41:08PM +0100, Dave Turner wrote: >> >> [cut] >> >>> The bottle of wine isn't quite finished yet, but I am not trying to >>> force anyone to stop using 'su'. >>> >>> It IS a really bad idea though, rummage the interweb, somewhere in >>> there is a really good write up on why su is bad and sudo is good. > > The problem with su is that you may forget you are superuser and start > doing dangerous things, > > That's it. There's more to that. One of the major dangers is that typing passwords is itself dangerous, expecially in the many environments where webcams and microphones are abundant. Both seeing a person type a prassword and recording the sounds the keyboard produces can easily lead an attacker to reconstruct the password that was typed. [...] > Can we agree there's a valid use for su? A few of the times, never when not in a controlled, safe environment. > And that is isn't for everyone? Indeed. Regards, Alessandro _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
