Hello,
I have a strange issue: my machine was updated via cron last noght. I rebooted this morning and several attempts, including rebooting into the older kernel do not seem to work in granting me sudo access.
~$ sudo dnf update [sudo] password for maitra: maitra is not in the sudoers file. This incident will be reported.
The password is correct because otherwise I would get the notificaiton that it is not so so that is not the issue.
Short of reinstalling, how do I get around this? Note that I do not have root account, so I am not sure about what to do.
Many thanks and best wishes, Ranjan
On 02/09/2016 07:52 AM, Ranjan Maitra wrote:
Hello,
I have a strange issue: my machine was updated via cron last noght. I rebooted this morning and several attempts, including rebooting into the older kernel do not seem to work in granting me sudo access.
~$ sudo dnf update [sudo] password for maitra: maitra is not in the sudoers file. This incident will be reported.
The password is correct because otherwise I would get the notificaiton that it is not so so that is not the issue.
Short of reinstalling, how do I get around this? Note that I do not have root account, so I am not sure about what to do.
Many thanks and best wishes, Ranjan
The error explains it:
maitra is not in the sudoers file. This incident will be reported.
run visudo
is "wheel" enabled for sudo and is maitra in the wheel group?
On Tue, 9 Feb 2016 08:19:24 -0600 SternData subscribed-lists@sterndata.com wrote:
On 02/09/2016 07:52 AM, Ranjan Maitra wrote:
Hello,
I have a strange issue: my machine was updated via cron last noght. I rebooted this morning and several attempts, including rebooting into the older kernel do not seem to work in granting me sudo access.
~$ sudo dnf update [sudo] password for maitra: maitra is not in the sudoers file. This incident will be reported.
The password is correct because otherwise I would get the notificaiton that it is not so so that is not the issue.
Short of reinstalling, how do I get around this? Note that I do not have root account, so I am not sure about what to do.
Many thanks and best wishes, Ranjan
The error explains it:
maitra is not in the sudoers file. This incident will be reported.
It does?
run visudo
is "wheel" enabled for sudo and is maitra in the wheel group?
But I seem to have lost sudo privileges after the update. How do I run visudo without being a superuser? I do not appear to have access to /etc/sudoers as a result.
Ranjan
____________________________________________________________ FREE ONLINE PHOTOSHARING - Share your photos online with your friends and family! Visit http://www.inbox.com/photosharing to find out more!
On 02/09/2016 08:29 AM, Ranjan Maitra wrote:
On Tue, 9 Feb 2016 08:19:24 -0600 SternData subscribed-lists@sterndata.com wrote:
On 02/09/2016 07:52 AM, Ranjan Maitra wrote:
Hello,
I have a strange issue: my machine was updated via cron last noght. I rebooted this morning and several attempts, including rebooting into the older kernel do not seem to work in granting me sudo access.
~$ sudo dnf update [sudo] password for maitra: maitra is not in the sudoers file. This incident will be reported.
The password is correct because otherwise I would get the notificaiton that it is not so so that is not the issue.
Short of reinstalling, how do I get around this? Note that I do not have root account, so I am not sure about what to do.
Many thanks and best wishes, Ranjan
The error explains it:
maitra is not in the sudoers file. This incident will be reported.
It does?
run visudo
is "wheel" enabled for sudo and is maitra in the wheel group?
But I seem to have lost sudo privileges after the update. How do I run visudo without being a superuser? I do not appear to have access to /etc/sudoers as a result.
Ranjan
You'll need to find that scrap of paper on which you wrote the password for "root" and put away someplace safe. :-)
To the OP of this thread:
Why not
boot a live CD or DVD
Once booted, su - root
mkdir /fedora mount /dev/sd ?? /fedora (?? are something like a0 or a1 ...etc ... the name of your hard drive boot partition)
chroot /fedora
passwd root
now you can enter a new password.
HTH
Thanks to all who replied! As a security feature, I chose not have a root account on the machine (of course, I never expected my sudo access to disappear) and have not had it on any of my machines ever since Fedora allowed that possiblity (circa Fedora-low-teens-or-before).
The proposed solution below is what I was looking for.
Thank you!
Best wishes, Ranjan
TOn Tue, 9 Feb 2016 10:02:31 -0700 jd1008 jd1008@gmail.com wrote:
To the OP of this thread:
Why not
boot a live CD or DVD
Once booted, su - root
mkdir /fedora mount /dev/sd ?? /fedora (?? are something like a0 or a1 ...etc ... the name of your hard drive boot partition)
chroot /fedora
passwd root
now you can enter a new password.
HTH
users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On 02/09/2016 09:09 AM, Ranjan Maitra wrote:
Thanks to all who replied! As a security feature, I chose not have a root account on the machine (of course, I never expected my sudo access to disappear) and have not had it on any of my machines ever since Fedora allowed that possiblity (circa Fedora-low-teens-or-before).
...and now you know why that's a Bad Idea.
On Tue, Feb 9, 2016 at 6:02 PM, jd1008 jd1008@gmail.com wrote:
To the OP of this thread:
Why not
boot a live CD or DVD
Once booted, su - root
mkdir /fedora mount /dev/sd ?? /fedora (?? are something like a0 or a1 ...etc ... the name of your hard drive boot partition)
chroot /fedora
passwd root
root's presumably disabled on the OP's box so rather than change this setup, the OP should run "visudo -f /etc/sudoers.d/maitra" after "chroot /fedora" (or "systemd-nspawn -D /fedora") to create the following line in "/etc/sudoers.d/maitra":
maitra ALL=(ALL) ALL
On Wed, 10 Feb 2016 16:24:44 +0100 Tom H tomh0665@gmail.com wrote:
On Tue, Feb 9, 2016 at 6:02 PM, jd1008 jd1008@gmail.com wrote:
To the OP of this thread:
Why not
boot a live CD or DVD
Once booted, su - root
mkdir /fedora mount /dev/sd ?? /fedora (?? are something like a0 or a1 ...etc ... the name of your hard drive boot partition)
chroot /fedora
passwd root
root's presumably disabled on the OP's box so rather than change this setup, the OP should run "visudo -f /etc/sudoers.d/maitra" after "chroot /fedora" (or "systemd-nspawn -D /fedora") to create the following line in "/etc/sudoers.d/maitra":
maitra ALL=(ALL) ALL
Thanks! This is exactly what I did.
Best wishes, Ranjan
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On Wed, Feb 10, 2016 at 4:45 PM, Ranjan Maitra maitra.mbox.ignored@inbox.com wrote:
On Wed, 10 Feb 2016 16:24:44 +0100 Tom H tomh0665@gmail.com wrote:
root's presumably disabled on the OP's box so rather than change this setup, the OP should run "visudo -f /etc/sudoers.d/maitra" after "chroot /fedora" (or "systemd-nspawn -D /fedora") to create the following line in "/etc/sudoers.d/maitra":
maitra ALL=(ALL) ALL
Thanks! This is exactly what I did.
You're welcome.
I hope that you can now figure out why sudo stopped working for maitra.
On 02/10/2016 11:28 AM, Tom H wrote:
On Wed, Feb 10, 2016 at 4:45 PM, Ranjan Maitra maitra.mbox.ignored@inbox.com wrote:
On Wed, 10 Feb 2016 16:24:44 +0100 Tom H tomh0665@gmail.com wrote:
root's presumably disabled on the OP's box so rather than change this setup, the OP should run "visudo -f /etc/sudoers.d/maitra" after "chroot /fedora" (or "systemd-nspawn -D /fedora") to create the following line in "/etc/sudoers.d/maitra":
maitra ALL=(ALL) ALL
Thanks! This is exactly what I did.
You're welcome.
I hope that you can now figure out why sudo stopped working for maitra.
Look at the dnf logs and look for ".rpmnew" files as well. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - I won't rise to the occasion, but I'll slide over to it. - ----------------------------------------------------------------------
On 02/10/2016 08:24 AM, Tom H wrote:
On Tue, Feb 9, 2016 at 6:02 PM, jd1008 jd1008@gmail.com wrote:
To the OP of this thread:
Why not
boot a live CD or DVD
Once booted, su - root
mkdir /fedora mount /dev/sd ?? /fedora (?? are something like a0 or a1 ...etc ... the name of your hard drive boot partition)
chroot /fedora
passwd root
root's presumably disabled on the OP's box so rather than change this setup, the OP should run "visudo -f /etc/sudoers.d/maitra" after "chroot /fedora" (or "systemd-nspawn -D /fedora") to create the following line in "/etc/sudoers.d/maitra":
maitra ALL=(ALL) ALL
The problem with allowing the user to be effectively root (via sudoers) is that ubiquotous browser. I have zero faith in browsers. No, not 0, but -infinity . A malefic website can and does user JS to fork out processes that can sudo whatever they want. This is why broswers should be set to suid some user other than the logged-in user, and having no privileges outside it's own directory. This would be like a jail. Many of you already know how to set up such a jail.
On 02/10/2016 10:27 AM, Patrick O'Callaghan wrote:
On Wed, 2016-02-10 at 10:17 -0700, jd1008 wrote:
A malefic website can and does user JS to fork out processes that can sudo whatever they want.
Are you sure? If so, please give a reference.
poc
Some years ago, the reference came directly from google website analysis (obtained via the noscript add-on). to paraphrase what I read then (as I am sorry I did not keep that link), stated .... it installs malware without the user's knowledge or permission ....
I will strive to locate that analysis and share it with th list.
Unless of course, it has been sanitized or removed - because google re-analyzes websites once every 90 days.
On Wed, 2016-02-10 at 10:53 -0700, jd1008 wrote:
On 02/10/2016 10:27 AM, Patrick O'Callaghan wrote:
On Wed, 2016-02-10 at 10:17 -0700, jd1008 wrote:
A malefic website can and does user JS to fork out processes that can sudo whatever they want.
Are you sure? If so, please give a reference.
poc
Some years ago, the reference came directly from google website analysis (obtained via the noscript add-on). to paraphrase what I read then (as I am sorry I did not keep that link), stated .... it installs malware without the user's knowledge or permission ....
I will strive to locate that analysis and share it with th list.
Unless of course, it has been sanitized or removed - because google re-analyzes websites once every 90 days.
I suspect you're thinking of a bug in some earlier version of JS (or Java). Normally these things are supposed to run in a sandbox precisely to prevent this. That's probably the main reason Google has just announced they'll be blocking Flash content in the near future, as it's notorious for this kind of problem.
poc
On 02/10/2016 02:45 PM, Patrick O'Callaghan wrote:
On Wed, 2016-02-10 at 10:53 -0700, jd1008 wrote:
On 02/10/2016 10:27 AM, Patrick O'Callaghan wrote:
On Wed, 2016-02-10 at 10:17 -0700, jd1008 wrote:
A malefic website can and does user JS to fork out processes that can sudo whatever they want.
Are you sure? If so, please give a reference.
poc
Some years ago, the reference came directly from google website analysis (obtained via the noscript add-on). to paraphrase what I read then (as I am sorry I did not keep that link), stated .... it installs malware without the user's knowledge or permission ....
I will strive to locate that analysis and share it with th list.
Unless of course, it has been sanitized or removed - because google re-analyzes websites once every 90 days.
I suspect you're thinking of a bug in some earlier version of JS (or Java). Normally these things are supposed to run in a sandbox precisely to prevent this. That's probably the main reason Google has just announced they'll be blocking Flash content in the near future, as it's notorious for this kind of problem.
poc
I am sorry to burst the bubble that was perpetrated by Sun Microsystems. I worked at Sun Microsystems as a contractor and talked to a very senior developer at Menlo Park. I knew this developer from working with him in a previous company. Under my oath never to reveal his name, he clued me in that the fictitious "sandbox" was the entire system. Sun was clever to use the term sandbox as a subterfuge for the silicon of the chips. This "sandbox=entire system" was confirmed to me in an email from another very senior developer who is still on this list, but will not expose his name. He confirmed that the sandbox is the entirety of the system. Reason why some people will go to email flame wars on this issue is because either it is their penny at stake, or they are obeying their superiors.
Allegedly, on or about 10 February 2016, jd1008 sent:
I am sorry to burst the bubble that was perpetrated by Sun Microsystems. I worked at Sun Microsystems as a contractor and talked to a very senior developer at Menlo Park. I knew this developer from working with him in a previous company. Under my oath never to reveal his name, he clued me in that the fictitious "sandbox" was the entire system.
I'd go along with that, I never believed the sandbox thing. After all, you can upload any file of your choosing through a Java thing in a website, and it could save a file to anywhere you selected. That's hardly sandboxed.
And, if you went through the Java preferences, on those browsers that gave you an extensive interface. You could select all sorts of breakout allowances, many of which were preset to allowed.
On 11 February 2016 at 06:48, Tim ignored_mailbox@yahoo.com.au wrote:
Allegedly, on or about 10 February 2016, jd1008 sent:
I am sorry to burst the bubble that was perpetrated by Sun Microsystems. I worked at Sun Microsystems as a contractor and talked to a very senior developer at Menlo Park. I knew this developer from working with him in a previous company. Under my oath never to reveal his name, he clued me in that the fictitious "sandbox" was the entire system.
I'd go along with that, I never believed the sandbox thing. After all, you can upload any file of your choosing through a Java thing in a website, and it could save a file to anywhere you selected. That's hardly sandboxed.
And, if you went through the Java preferences, on those browsers that gave you an extensive interface. You could select all sorts of breakout allowances, many of which were preset to allowed.
Just to bring things back to reality though. The claim was that *javascript* could execute sudo commands and has full access to the system (no sandbox) and that has nothing to do with java applets/applications whatsoever.
On Thu, 2016-02-11 at 09:42 +0000, James Hogarth wrote:
On 11 February 2016 at 06:48, Tim ignored_mailbox@yahoo.com.au wrote:
Allegedly, on or about 10 February 2016, jd1008 sent:
I am sorry to burst the bubble that was perpetrated by Sun Microsystems. I worked at Sun Microsystems as a contractor and talked to a very senior developer at Menlo Park. I knew this developer from working with him in a previous company. Under my oath never to reveal his name, he clued me in that the fictitious "sandbox" was the entire system.
I'd go along with that, I never believed the sandbox thing. After all, you can upload any file of your choosing through a Java thing in a website, and it could save a file to anywhere you selected. That's hardly sandboxed.
And, if you went through the Java preferences, on those browsers that gave you an extensive interface. You could select all sorts of breakout allowances, many of which were preset to allowed.
Just to bring things back to reality though. The claim was that *javascript* could execute sudo commands and has full access to the system (no sandbox) and that has nothing to do with java applets/applications whatsoever.
Exactly. I regret even mentioning Java and starting this hare.
poc
On 02/11/2016 02:42 AM, James Hogarth wrote:
On 11 February 2016 at 06:48, Tim <ignored_mailbox@yahoo.com.au mailto:ignored_mailbox@yahoo.com.au> wrote:
Allegedly, on or about 10 February 2016, jd1008 sent: > I am sorry to burst the bubble that was perpetrated by Sun > Microsystems. I worked at Sun Microsystems as a contractor and talked > to a very senior developer at Menlo Park. I knew this developer from > working with him in a previous company. Under my oath never to reveal > his name, he clued me in that the fictitious "sandbox" was the entire > system. I'd go along with that, I never believed the sandbox thing. After all, you can upload any file of your choosing through a Java thing in a website, and it could save a file to anywhere you selected. That's hardly sandboxed. And, if you went through the Java preferences, on those browsers that gave you an extensive interface. You could select all sorts of breakout allowances, many of which were preset to allowed.Just to bring things back to reality though. The claim was that *javascript* could execute sudo commands and has full access to the system (no sandbox) and that has nothing to do with java applets/applications whatsoever.
False! JS, when obediently executed by the browser, can write into any directory writable by the logged in user who is using the browser. Similarly, it can also delete files from any directory writable by the same user. Perhaps you are simply unaware of all the aspects of Java and JS. Have you perused and analyzed the entirety of the code and libraries that the browser is built from? That Java and JS are built from? I seriously DOUBT it. The sheer size of that code makes it so time consuming to comb through it thoroughly, it (the code size) is the perfect place to hide security breaches from the user. Couple that with the fact that the sources and tools that build Java and JS are very different to the sources and tools on your system. Are you aware that when you download the full browser source codes to build on your system, you will run into issues of library incompatibilities and tools versions incompatibilities? I have tried many times over the past 10 to 15 years. Let us suppose that, after you downloaded all the sources (including the system's libs and tools sources), and you spend 5 years tracking down security holes and removing them, and built the browser and javascript libs free of such holes; then what? The next dnf update will overwrite all that and replace it with infected software. So, you see, it is a daunting enterprise to disinfect the system from very well hidden security holes. Couple all that with something called "code obfuscation"!!! It will be well nigh impossible to read the code and find the security holes.
On 10 February 2016 at 23:22, jd1008 jd1008@gmail.com wrote:
I am sorry to burst the bubble that was perpetrated by Sun Microsystems. I worked at Sun Microsystems as a contractor and talked to a very senior developer at Menlo Park. I knew this developer from working with him in a previous company. Under my oath never to reveal his name, he clued me in that the fictitious "sandbox" was the entire system. Sun was clever to use the term sandbox as a subterfuge for the silicon of the chips. This "sandbox=entire system" was confirmed to me in an email from another very senior developer who is still on this list, but will not expose his name. He confirmed that the sandbox is the entirety of the system. Reason why some people will go to email flame wars on this issue is because either it is their penny at stake, or they are obeying their superiors.
Without details as to what language and vm it refers to unfortunately this is not a very useful anecdote. The plugin sandbox that firefox or edge use is not the same as a javascript sandbox in netscape (was there one?), or a java sandbox.
On 02/11/2016 05:41 AM, Ian Malone wrote:
On 10 February 2016 at 23:22, jd1008 jd1008@gmail.com wrote:
I am sorry to burst the bubble that was perpetrated by Sun Microsystems. I worked at Sun Microsystems as a contractor and talked to a very senior developer at Menlo Park. I knew this developer from working with him in a previous company. Under my oath never to reveal his name, he clued me in that the fictitious "sandbox" was the entire system. Sun was clever to use the term sandbox as a subterfuge for the silicon of the chips. This "sandbox=entire system" was confirmed to me in an email from another very senior developer who is still on this list, but will not expose his name. He confirmed that the sandbox is the entirety of the system. Reason why some people will go to email flame wars on this issue is because either it is their penny at stake, or they are obeying their superiors.
Without details as to what language and vm it refers to unfortunately this is not a very useful anecdote. The plugin sandbox that firefox or edge use is not the same as a javascript sandbox in netscape (was there one?), or a java sandbox.
So, you keep sanctioning and spreading and supporting the illusion of security? Such a sad position to adopt.
On 11 February 2016 at 18:33, jd1008 jd1008@gmail.com wrote:
On 02/11/2016 05:41 AM, Ian Malone wrote:
On 10 February 2016 at 23:22, jd1008 jd1008@gmail.com wrote:
I am sorry to burst the bubble that was perpetrated by Sun Microsystems. I worked at Sun Microsystems as a contractor and talked to a very senior developer at Menlo Park. I knew this developer from working with him in a previous company. Under my oath never to reveal his name, he clued me in that the fictitious "sandbox" was the entire system. Sun was clever to use the term sandbox as a subterfuge for the silicon of the chips. This "sandbox=entire system" was confirmed to me in an email from another very senior developer who is still on this list, but will not expose his name. He confirmed that the sandbox is the entirety of the system. Reason why some people will go to email flame wars on this issue is because either it is their penny at stake, or they are obeying their superiors.
Without details as to what language and vm it refers to unfortunately this is not a very useful anecdote. The plugin sandbox that firefox or edge use is not the same as a javascript sandbox in netscape (was there one?), or a java sandbox.
So, you keep sanctioning and spreading and supporting the illusion of security? Such a sad position to adopt.
I'm afraid your only viable solution is to never connect to the internet again.
On Wed, Feb 10, 2016 at 6:17 PM, jd1008 jd1008@gmail.com wrote:
On 02/10/2016 08:24 AM, Tom H wrote:
root's presumably disabled on the OP's box so rather than change this setup, the OP should run "visudo -f /etc/sudoers.d/maitra" after "chroot /fedora" (or "systemd-nspawn -D /fedora") to create the following line in "/etc/sudoers.d/maitra":
maitra ALL=(ALL) ALL
The problem with allowing the user to be effectively root (via sudoers) is that ubiquotous browser. I have zero faith in browsers. No, not 0, but -infinity . A malefic website can and does user JS to fork out processes that can sudo whatever they want. This is why broswers should be set to suid some user other than the logged-in user, and having no privileges outside it's own directory. This would be like a jail. Many of you already know how to set up such a jail.
Your malefic JS will still need the user's password to run "sudo some_command".
On Tue, 2016-02-09 at 08:48 -0800, Joe Zeff wrote:
On 02/09/2016 06:50 AM, SternData wrote:
You'll need to find that scrap of paper on which you wrote the password for "root" and put away someplace safe. :-)
And once you have it, you won't need to bother with sudo any more.
SUdo is useful even when you do have root. I use it all the time because I don't like actually logging in as root if I can avoid it. I know you can use "su -c bla bla" but sudo is quicker and easier to remember.
poc
On 02/09/2016 01:10 PM, Patrick O'Callaghan wrote:
SUdo is useful even when you do have root. I use it all the time because I don't like actually logging in as root if I can avoid it. I know you can use "su -c bla bla" but sudo is quicker and easier to remember.
I, OTOH, find su -c quite satisfactory, TYVM. The only reason I have sudo installed is that there are some install scripts that use it. Of course, back when I first started using Linux at home, almost 20 years ago, RedHat didn't come with sudo so I never got in the habit of using it. I knew about it because I had to telnet to various Unix/Linux servers (all inside the corporate firewall) at work, and worked with shell scripts that used sudo, but that's it.
And, as far as security goes, all you need to do is disable Telnet and configure ssh to disallow direct root login. That way, even if somebody manages to crack your password and get shell access via ssh, they can't use sudo to do any major damage. (I'm never in wheel, and my username isn't in /etc/sudoers, just to be safe.) Paranoid? Not really, it's just that I see no reason to have sudo set up if I'm not using it.
On Tue, 2016-02-09 at 14:15 -0800, Joe Zeff wrote:
On 02/09/2016 01:10 PM, Patrick O'Callaghan wrote:
SUdo is useful even when you do have root. I use it all the time because I don't like actually logging in as root if I can avoid it. I know you can use "su -c bla bla" but sudo is quicker and easier to remember.
I, OTOH, find su -c quite satisfactory, TYVM. The only reason I have sudo installed is that there are some install scripts that use it. Of course, back when I first started using Linux at home, almost 20 years ago, RedHat didn't come with sudo so I never got in the habit of using it. I knew about it because I had to telnet to various Unix/Linux servers (all inside the corporate firewall) at work, and worked with shell scripts that used sudo, but that's it.
I'm surprised that RH didn't come with sudo. I was using it on Solaris long before Linux was even a thing.
And, as far as security goes, all you need to do is disable Telnet and configure ssh to disallow direct root login.
Of course, SOP. I also use fail2ban so in fact the baddies don't even get as far as the SSH login.
That way, even if somebody manages to crack your password and get shell access via ssh, they can't use sudo to do any major damage. (I'm never in wheel, and my username isn't in /etc/sudoers, just to be safe.) Paranoid? Not really, it's just that I see no reason to have sudo set up if I'm not using it.
My password is long, but I do find sudo useful. To each his own.
poc
Joe Zeff wrote:
I, OTOH, find su -c quite satisfactory, TYVM.
Surely this takes substantially more time than sudo? Presumably you have to give the argument in quotes, and then give the password?
And doesn't it give an alternative way for the hacker to get the superuser password, eg by key-logging? So is it even safer in the end?
On Wed, 2016-02-10 at 12:53 +0000, Timothy Murphy wrote:
Joe Zeff wrote:
I, OTOH, find su -c quite satisfactory, TYVM.
Surely this takes substantially more time than sudo? Presumably you have to give the argument in quotes, and then give the password?
My thinking exactly.
And doesn't it give an alternative way for the hacker to get the superuser password, eg by key-logging? So is it even safer in the end?
If there's a keylogger, all bets are off anyway, so I wouldn't give much weight to this as an argument.
poc
On 02/10/2016 04:53 AM, Timothy Murphy wrote:
Surely this takes substantially more time than sudo? Presumably you have to give the argument in quotes, and then give the password?
So? Time is not everything, and being retired, I have all that I need.
And doesn't it give an alternative way for the hacker to get the superuser password, eg by key-logging? So is it even safer in the end?
If the hacker's gotten through my firewall and installed a key logger, it's already too late.
On Wed, 2016-02-10 at 08:48 -0800, Joe Zeff wrote:
On 02/10/2016 04:53 AM, Timothy Murphy wrote:
Surely this takes substantially more time than sudo? Presumably you have to give the argument in quotes, and then give the password?
So? Time is not everything, and being retired, I have all that I need.
Also retired, for what it's worth. All the same I prefer to type less rather than more :-)
poc
Allegedly, on or about 10 February 2016, Patrick O'Callaghan sent:
I prefer to type less rather than more :-)
Groan...
On Thu, 11 Feb 2016 17:19:34 +1030 Tim ignored_mailbox@yahoo.com.au wrote:
Allegedly, on or about 10 February 2016, Patrick O'Callaghan sent:
I prefer to type less rather than more :-)
Groan...
Thanks for the hint. I missed it the first time through, and got a chuckle out of it this time.
On 02/10/2016 08:48 AM, Joe Zeff wrote:
On 02/10/2016 04:53 AM, Timothy Murphy wrote:
Surely this takes substantially more time than sudo? Presumably you have to give the argument in quotes, and then give the password?
So? Time is not everything, and being retired, I have all that I need.
And doesn't it give an alternative way for the hacker to get the superuser password, eg by key-logging? So is it even safer in the end?
If the hacker's gotten through my firewall and installed a key logger, it's already too late.
I am a little late in the discussion. Is your username in the wheel group?
On 02/09/2016 05:52 AM, Ranjan Maitra wrote:
Short of reinstalling, how do I get around this? Note that I do not have root account, so I am not sure about what to do.
Is this a home box, or work? If it's home, why don't you have root? If it's work, it may be easiest to talk to whoever does have the root password and ask them to do what's needed. (I never use sudo, so I don't know.)
-
Ian Malone -
James Hogarth -
JD -
Joe Zeff -
Joseph Loo -
Patrick O'Callaghan -
Ranjan Maitra -
Rick Stevens -
stan -
SternData -
Tim -
Timothy Murphy -
Tom H