Linux and Viruses?

pogeymanz · 2009-04-05 13:39:30

Yaro wrote:

2. Before you disable root, install sudo and make sure you have the wheel. sudo is probably the best security tool ever developed for Linux: Temporarily elevate to root permissions for ONE command only. Do NOT enable to NOPASSWORD option in the sudoers file, as that means once someone does manage to break in to a sudoer's account and they have NOPASSWORD set on themselves, it's basically the same as breaking into root.

The only problem with sudo is that it isn't really ONE command only. In the sense that you only have to enter the sudo password once every five minutes to use sudo. I'd prefer if you had to enter it every single time, so that nothing can slip between the cracks.

I do like the idea of disabling root. (TIP: You can still log in as root by logging in as normal user and running "sudo su")

BC · 2009-04-05 13:55:21

pogeymanz wrote:

The only problem with sudo is that it isn't really ONE command only. In the sense that you only have to enter the sudo password once every five minutes to use sudo. I'd prefer if you had to enter it every single time, so that nothing can slip between the cracks.

Sudo has an option to do just that

X/ax · 2009-04-05 16:45:58

And if you don't like the way sudo does it, su -c command is annoying enough to do those things.
Anyway, I read a lot of stuff about people yanking hard drives and such. But did it ever occur to anyone that for someone to do that, you really have to be a target, and being targetted means they won't stop at anything (e.g. the yanking thing).
Most people in the world are never targetted... ever... It's a plain simple fact.

So, unless you have a big company, lots of sensitive data, etc... You won't probably ever have to deal with extreme stuff like that (unless you've got a pissed off friend or something that really knows a lot about breaking into your system)
So, locking the case, grub, bios, etc... It's imho all some overkill. You don't need those. In fact, nobody with a minor exception of important people needs those. All you need is a sensible setup, good configs, and a no paranoia way to life. Look at things correctly...

However, for those who do have a big company, lots of sensitive data, etc... It's simply adviced never to connect to the internet. If you however need to, make sure those bits and pieces (mostly the lesser part of your system) is not accessible by the person accessing the internet. GNOME/KDE/XFCE/etc... have really good multi-user support. Limiting certain users to only-internet or only-documents has become surprisingly simple these days. Linux is a multi-user environment, so it's best to treat every simple setup like that. And really act like it. Using that as an advantage is really a plus.

Nutshell: use multiple users. Swap sessions, whatever. It's really handy...
2: Don't _ever_ sudo on a user having access to the stuff you don't _ever_ want exposed to anything / anyone but you (e.g. sensitive data, company files)
3: Only sudo on your "admin" user, preferably one that cannot access anything but system resources, so no user files, etc...
4: Use your system for greater good. Don't go blocking yourself in too much. You still need some functionality!

Hit me when you disagree with some of these things. I might have said wrong things Most of this are plain ideas (still need to begin setting up sensible users myself)

Yaro · 2009-04-05 18:35:42

pogeymanz wrote:

Yaro wrote:
2. Before you disable root, install sudo and make sure you have the wheel. sudo is probably the best security tool ever developed for Linux: Temporarily elevate to root permissions for ONE command only. Do NOT enable to NOPASSWORD option in the sudoers file, as that means once someone does manage to break in to a sudoer's account and they have NOPASSWORD set on themselves, it's basically the same as breaking into root.
The only problem with sudo is that it isn't really ONE command only. In the sense that you only have to enter the sudo password once every five minutes to use sudo. I'd prefer if you had to enter it every single time, so that nothing can slip between the cracks.
I do like the idea of disabling root. (TIP: You can still log in as root by logging in as normal user and running "sudo su")

You still have to put sudo before each command you want to run as root though or go su - root. Sure, the password might not have to be entered each time, but it's still for one command at a time. You can't enter, say, "sudo pacman -Sy xorg" once and then expect to run root-only commands without using sudo after that. That was actually the point I was trying to make.

Mr. Alex · 2012-08-03 06:51:23

barjo wrote:

use no script

Why? How can web script do something malicious?
I would say just don't install Java on your Linux box. But JS scripts can't be harmful by themselves.

ngoonee · 2012-08-03 07:12:08

Mr. Alex wrote:

barjo wrote:
use no script
Why? How can web script do something malicious?
I would say just don't install Java on your Linux box. But JS scripts can't be harmful by themselves.

Go say it somewhere else, not on a 3 year old thread. Closing....

Arch Linux

#51 2009-04-05 13:39:30

Re: Linux and Viruses?

#52 2009-04-05 13:55:21

Re: Linux and Viruses?

#53 2009-04-05 16:45:58

Re: Linux and Viruses?

#54 2009-04-05 18:35:42

Re: Linux and Viruses?

#55 2012-08-03 06:51:23

Re: Linux and Viruses?

#56 2012-08-03 07:12:08

Re: Linux and Viruses?

Board footer