Re: su or sudo su?

Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:
Sent: Oct 18, 2010 2:13 PM
To: James Mckenzie <jjmckenzie51@xxxxxxxxxxxxx>, Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: su or sudo su?

On Mon, 2010-10-18 at 09:40 -0700, James Mckenzie wrote:
Also root's home directory should NEVER be / (root) but rather
something like /home/root.

Wrong. Bad advice. The following somewhat mitigates that, but you've
muddied the water with bad advice in the first place.

I did not state /root but rather the base root directory '/'. Anything else would be ok in my book from a security standpoint.


I've known of several folks who 'forgot' they were root or had either
sudo'd or su -'d and then issued the famous (or infamous) rm -rf *
wiping out the system or at least destroying critical files.

It's fine for root to have /root as the home space. So the "never" word
is bad. It's the default location. And your advice may to scare the
completely clueless into wrecking their system.

It's a bad idea to put it in /home, because /home could be on an
unmounted partition, and root may need access to its home space to fix a
problem. So if you're going to suggest shift it, don't suggest putting
it /home. Certainly not without complete explanation.

Never thought of that, thank you for the advice. Most folks just install using the defaults and some systems default to root's home being the base root directory and not /root or /home/root. Thus using su - will place you in the base root directory. Danger, danger, danger as I stated above.

Moving roots home further into the tree may help against some rm
accidents, but it's by no means a foolproof solution. Bad wildcarding
choices will get them into the parent directory. And prefixing the path
with the slash will destroy "/" contents no matter where they started
out working from.

We cannot fix stupid and some users scare me. That's why they don't get sudo and will never get root's password either.

But thank you for the good advice here. I never thought of /home being a mounted partition and /root not being one (when I build a system I tend to overdo the number of independent partitions.)

James McKenzie

--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Relevant Pages

  • Re: Fedora 12: No flash plugin
    ... Setting up Install Process ... I'm used to sudo, but I guess that on Fedora I first have to ... just use 'su -' in a shell to become root for now. ... I'm not saying that their advice isn't good but getting ...
    (Fedora)
  • Re: su or sudo su?
    ... muddied the water with bad advice in the first place. ... What I was saying here is that root should NEVER have the base root ... SA decides to wipe root's home directory and types in cd; ... this has little to do with the use of sudo vice su -. ...
    (Fedora)
  • Re: Harbour - Ready_to_Use Distro with IDE
    ... I use all my programs direct on c:\ root drive, since instaling on ... some apps wont work properly. ... layout you provided which is based on installing your code into the root ... This is not good advice. ...
    (comp.lang.clipper)
  • Re: My Debian box cant connect Internet (run out of tricks)
    ... > It's very odd that you can't change this file as root. ... > system so it does NOT connect to the Internet on bootup, ... >> Thanks for your advice. ...
    (Debian-User)
  • Re: Installer does not work anymore on OS 10.4.10 (and does not shut down)
    ... I assume you have heard the standard advice no to do that. ... Backup everything. ... you have been running as root, perhaps I should not asume such things. ... Wipe the system and do a clean install from scratch. ...
    (comp.sys.mac.system)