LinuxSA Mailing list archives

  From: Alex Garner <linuxsa@bourbon.lynx.net.au>
  To  : linuxsa@linuxsa.org.au
  Date: Tue, 13 Apr 1999 11:55:42 +0930

Re: ifup ppp0

At 14:29 12/04/99 , you wrote:
> > make sure you are root.
> > most system commands (like route, ifup, ifconfig, ipfwadm etcetcetc)
> > do not "exist" in your path unless you are root. extra security i guess.
>
>Security?  Bah.  Nothing of the sort.
>
>You can modify your path with impunity no matter what your user-id is.
>Change the contents of your "PATH" environment variable (method varies
>according to your shell).

This is a much good plan. Much better than logging in as root. See below.

However, I think what 'hawjd001' meant here was that the lack of the /sbin/
from a regular user path is to 'secure' your system from one's own
stupidity. We've all rm'ed something we shouldn't have I'm sure!

>Depending on your local security policy and a risk assessment, you can
>turn on the setuid flag on privileged commands so that you can run them
>as unprivileged users.

I always say to new users of linux who do almost everything as root,
'don't!'. Get into the habit of logging in as yourself and don't run your x
session as root either. Even if your the only person using the computer,
get into the habit of using it as just another uid. Edit your paths, and
permissions on devices so that you are not inconvenienced, but habits
formed now, will not have to be relearned when you get your first sysadmin job!

Cheers

Alex! 

-- 
Check out the LinuxSA web pages at http://www.linuxsa.org.au/
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject