to ec2-user or not to ec2-user?
Vitaly Kuznetsov
vkuznets at redhat.com
Mon Dec 17 13:03:54 UTC 2012
On 12/14/2012 09:12 PM, Matthew Miller wrote:
> Amazon recommends using ec2-user (with passwordless sudo) for EC2 images.
> That's what Fedora has been doing. Do we want to continue this? Arguments:
>
>
> A. It doesn't really provide any added security, but does add complication.
> Additionally, normal "don't run as root" advice is less important since
> cloud instances should be ephemeral and recreatable.
I think the security concern is: there are a lot of things user can do
without having root privileges. Providing him with root access by
default leads to unreasonable using it for everything. Using 'sudo' for
privileged commands only looks better.
--
Vitaly Kuznetsov, Cloud QE
More information about the cloud
mailing list