What is it with these distros?

Gullible Jones · 2006-06-21 19:55:25

Okay, SLAX is very nice, but I absolutely refuse to run my desktop as root! At least turn off the root account and have an admin account with sudo priveleges ala Ubuntu, or something...

(Also, I must remember to tell the SLAX devs that no vi makes sudo annoying to change the settings on.)

Edit: right, CUPS would be a problem wouldn't it. Anyone know how Ubuntu handles CUPS administration with the root account disabled?

cactus · 2006-06-21 20:17:56

gtksudo
and
kdesu

pretty sure that is what the helper apps are called..

Gullible Jones · 2006-06-21 21:00:40

No sudo support for KDE?

cactus · 2006-06-21 21:06:37

kdesu is the same thing..i might even have the name wrong..maybe it is kdesudo or something..
it does the same thing..just a different name...again..not sure. I haven't used kde in years.

Gullible Jones · 2006-06-21 21:13:49

Weird. Last time I used KDE I had to give the root password to do CUPS administration, and the root account needed to be unlocked.

Dusty · 2006-06-21 21:19:13

Gullible Jones wrote:

Weird. Last time I used KDE I had to give the root password to do CUPS administration, and the root account needed to be unlocked.

you're too quick to judge and assume anything that happens to you is the only way it can happen.

For the record, Kubuntu permits cups administration using sudo somehow. It always asks a user with admin privleges for that user's password, not a root password. Kubuntu, BTW, uses KDE.

It reflects poorly on yourself and on this community when you make sweeping statements without checking the facts. It is never safe to assume that the way things run for you is the way they are for all users, or that your partial knowledge encompasses all that can be known.

Dusty

Gullible Jones · 2006-06-21 21:22:32

Wow, I can't believe I never noticed that SLAX has SSHD running by default too. Default root login plus weak password plus SSHD running by default... Is this not a bit like painting a huge bullseye on one's chest and screaming "Shoot me!" to every script kiddie on the planet? :shock:

Dusty · 2006-06-21 21:48:38

Have you been hacked using this setup yet?

cactus · 2006-06-21 22:11:55

slax is a live CD, isn't it?

Gullible Jones · 2006-06-21 23:19:08

Yes it is.

Dusty wrote:

you're too quick to judge and assume anything that happens to you is the only way it can happen.
For the record, Kubuntu permits cups administration using sudo somehow. It always asks a user with admin privleges for that user's password, not a root password. Kubuntu, BTW, uses KDE.
It reflects poorly on yourself and on this community when you make sweeping statements without checking the facts. It is never safe to assume that the way things run for you is the way they are for all users, or that your partial knowledge encompasses all that can be known.
Dusty

What sweeping statements? Look, sorry if you read any sarcasm into what I said earlier, that's not the way I meant it...

Have you been hacked using this setup yet?

No but I haven't been running things from the root account.

whargoul · 2006-06-22 16:25:52

The scary is, that I think SLAX mounts all your disks.

Mr Green · 2006-06-22 17:42:55

op

Gullible Jones · 2006-06-22 18:29:05

It does mount all your disks on boot. Or tries to anyway, I'm not sure how it handles NTFS.

whargoul · 2006-06-22 21:39:07

Gullible Jones wrote:

It does mount all your disks on boot. Or tries to anyway, I'm not sure how it handles NTFS.

So we actually have a very unsecure dist. Somebody could erase my disk just like that. :shock:

phrakture · 2006-06-22 21:59:05

whargoul wrote:

So we actually have a very unsecure dist. Somebody could erase my disk just like that. :shock:

Not entirely true. They could be mounted read-only. Also, if you're running as a normal, non-root user, there's no difference between having your disks mounted via a live CD or via the normal system.

You can make the same claim about a normal arch install. "Oh god someone can gain root permissions and erase my disks!" - yeah, this has *always* been possible.

kth5 · 2006-06-22 23:13:05

once somebody has physical access to your box, every meassure is more or less useless.

Gullible Jones · 2006-06-23 01:54:55

The issue here isn't physical access.

(I don't really see how it would matter if SLAX automounts your partitions, someone with remote access could do that themselves, or just format your hard drive.)

Dusty · 2006-06-23 02:03:21

In fact, there is no issue here.

ScriptDevil · 2006-06-23 08:30:01

the best thing to do sitting in front of a person you want to have revenge on -No, not format it. Remove the hard disk and any other part, and take it home

ScriptDevil · 2006-06-23 08:30:50

You can possibly keep the computer in a back locker for Safety sake( especially from me )

Sigi · 2006-06-23 10:42:43

Mr Green wrote:

op

op <- more info here

Gullible Jones · 2006-06-23 14:19:23

That's not much info, and the project's homepage is 404. :?

Bison · 2006-06-26 20:47:07

Slax is a live cd. It doesn't even have an hd install AFAIK. So if someone puts in ANY livecd into your pc, there is no local security.

Gullible Jones · 2006-06-26 22:26:00

My issue was with remote security, not local security. Perhaps I am wrong, but I figured that they could at least leave sshd off by default.

(Wait a minute... It's a live CD. Come to think of it, why would you have the OpenSSH daemon running on a live CD? Hmm. Maybe it's supposed to be a safeguard against X borking and locking the machine up locally?)

BTW, SLAX can be installed to the hard drive. Not sure how its security stuff is there though, probably much better.

Bison · 2006-06-27 19:49:58

I'm guessing sshd doesn't matter, because your isp will likely block the port. Even if it doesn't, you have to set up your router forwarding.

I'm with jones here though. Why would you have sshd running on a live cd?

Arch Linux

#1 2006-06-21 19:55:25

What is it with these distros?

#2 2006-06-21 20:17:56

Re: What is it with these distros?

#3 2006-06-21 21:00:40

Re: What is it with these distros?

#4 2006-06-21 21:06:37

Re: What is it with these distros?

#5 2006-06-21 21:13:49

Re: What is it with these distros?

#6 2006-06-21 21:19:13

Re: What is it with these distros?

#7 2006-06-21 21:22:32

Re: What is it with these distros?

#8 2006-06-21 21:48:38

Re: What is it with these distros?

#9 2006-06-21 22:11:55

Re: What is it with these distros?

#10 2006-06-21 23:19:08

Re: What is it with these distros?

#11 2006-06-22 16:25:52

Re: What is it with these distros?

#12 2006-06-22 17:42:55

Re: What is it with these distros?

#13 2006-06-22 18:29:05

Re: What is it with these distros?

#14 2006-06-22 21:39:07

Re: What is it with these distros?

#15 2006-06-22 21:59:05

Re: What is it with these distros?

#16 2006-06-22 23:13:05

Re: What is it with these distros?

#17 2006-06-23 01:54:55

Re: What is it with these distros?

#18 2006-06-23 02:03:21

Re: What is it with these distros?

#19 2006-06-23 08:30:01

Re: What is it with these distros?

#20 2006-06-23 08:30:50

Re: What is it with these distros?

#21 2006-06-23 10:42:43

Re: What is it with these distros?

#22 2006-06-23 14:19:23

Re: What is it with these distros?

#23 2006-06-26 20:47:07

Re: What is it with these distros?

#24 2006-06-26 22:26:00

Re: What is it with these distros?

#25 2006-06-27 19:49:58

Re: What is it with these distros?

Board footer