[kwlug-disc] Johnny Cash: A boy name SU

Chris Craig kwlug.org at ciotog.net
Wed May 21 11:44:41 EDT 2014


If you do that on a work machine you should really protect your screen
session with a password, like so:
http://damien.krotkine.com/2011/09/01/protect-a-screen-session-with-a-password.html

Otherwise someone who doesn't have root privileges would be able to
get a root shell by taking your screen session somehow (naturally
that's difficult in itself, but somewhat easier than getting a root
shell directly).

The link I provided talks about protecting your screen session from a
root user, but the practice is the same even if the principle is
different. It's discussed more at length here:
http://unix.stackexchange.com/questions/8574/is-it-secure-to-leave-a-root-shell-running-in-detached-screen-session

On 21 May 2014 10:35, Khalid Baheyeldin <kb at 2bits.com> wrote:
> I use screen to open many shells, and in one "window", I do:
>
> $ su -
>
> Then enter the password
>
> I am in a root shell in that "window" forever.
>
> Or, if it is a machine that you are not logged into all the time, just do:
>
> $ sudo bash
> Then enter the password
>
>
>
>
> On Wed, May 21, 2014 at 10:20 AM, John Johnson <jvj at golden.net> wrote:
>>
>> On 2014-05-21 10:13, Khalid Baheyeldin wrote:
>>>
>>> Is it just me or what? The su has always been in Linux since forever.
>>
>>
>> It is me. Not you.
>>
>> Many years ago I looked for SU and was advised to do all 'root' stuff with
>> $ sudo.
>> I did not know about $ sudo su<ENTER> until recently.
>>
>>
>> JohnJ
>>
>>
>>
>>
>>
>> _______________________________________________
>> kwlug-disc mailing list
>> kwlug-disc at kwlug.org
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
>
> --
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. --  Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. --   Leonardo da Vinci
> For every complex problem, there is an answer that is clear, simple, and
> wrong." -- H.L. Mencken
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>




More information about the kwlug-disc mailing list