Re: Initial setup - security risk?

Maybe one of the unix gurus can give you a better dissertation from the theoretical perspective, but my understanding is that you are "just" "user Mike" for all purposes, unless you prefix a particular command with "sudo" or "kdesu" or "gksu", in which case you become the "Super User" (have the power of system administrator) for just that command. But it is only if you "become" root, with that you actually have full-time nuclear power over the system, and thereby can do unlimited damage as well as whatever you want that is not damaging to it.

In other unix and unix-based systems, there is a "root" user, complete with super-secret password who has the System Administration power, but you don't "set up" that user in *buntu, it's just present inherently in the system.

Bottom line -- you did it right.

Re: Initial setup - security risk?

That makes sense. Thank you.

Re: Initial setup - security risk?

Actually, the main security risk must be located at 50-100 cm in front of the machine's display :P

Besides that, granting the ability to become "super user" as need be (instead of creating a separate root account) may or may not be considered a mistake - I do so, others do not ... According to (K)Ubuntu's definition of security, however, what you have done is to be considered "good practice".

--

Further ranting, er, reading

Re: Initial setup - security risk?

LOL. Funny.

I've had no problems using sudo. As long as I can get done what I need to, works for me.

Re: Initial setup - security risk?

This is probably true for all Personal Computer security schemes, U.R. I recall setting up a SCO Unix 386 system on my snazzy 486 33MHz machine back in the early 1990s, complete with "root" and his password, and then those other scumball users and their silly little passwords.

But, he who knows the root password remains the principle threat to the security of the system -- that character 75 cm in front of the console .... :P

Having gotten accustomed, more or less, to the *buntu approach to "Super User", I kind of like it. I think most people, being inclined toward laziness would, if forced to use the root login, stay there just a little too long for their own good (if you see what I mean). This *buntu way, you get ONE sudo command to blow the thing up, and then you have to "sudo" all over again if you want a second chance at it.

Re: Initial setup - security risk?

to the best of my knowledge...
*ubuntu experts pls correct me if am wrong...

*ubuntu does have a root account just like any other distro.
it's not that it doesn't have one.
it does.
it's just that it's locked by default.

the default *ubuntu behaviour is to allow all members of the admin group to become root to issue any commands as root through sudo.
the account created during installation will be a member of the admin group.
i don't know if the users&groups utility places new users in the admin group by default, too.
i never use rubbish system settings, so i don't know.
hopefully it's not that stupid.

*ubuntu (locking the root account by default) can be booted in recovery mode and will log straight in as root.
which is not a very smart thing to allow any passers by to do.
experience (my experience, at least) says that the most danger always comes from inside your organization.

finally, su does not stand for super user.
it stands for substitute user.

agree.

Re: Initial setup - security risk?

It does not (not yet, as I dare to say ...) - but folks will find out soon enough how to do it by themselves, as, due to Ubuntu's - from my point of view: abusive - reimplementation of the classic Unix tool, this possibility is merely "one mouseclick away" ...

Re: Initial setup - security risk?

I just use the root terminal when I need to do several things. It's kinda kreepy, tho, cause I still don't feel like I'm root at that point. :-)

Re: Initial setup - security risk?

I did not know that jankushka -- I really liked it when I thought I was a Super User! Now I'm kinda depressed ....


I "learned it wrong" in Keir Thomas' book "Beginning Ubuntu Linux" p.223 -- he says "sudo is short for superuser do". Well, OK, he can be depressed too!