Re: been using only root account - system compromized?



Tauno Voipio wrote:
sfd@xxxxxxx wrote:
Hi

I've just installed a new system with Suse linux 10.0 and spent about 6
weeks configuring it. I did everything with the root user (daily work,
internet, program installation...). I'm now in the process of setting up a
'normal' user to work with. I wonder though if it is not too late and if my
system might have already been compromised.

Apart from 2-3 system crashes and occasional slow-down (which could well
have been linked to 'benign' software/hardware problems), I didn't
experience anything wrong.

My question really is: Can I now safely create and work with a new 'normal'
user or do I need to reinstall everything (and only user root for such
things as packet installations)? As I spend a lot of time going through
the installation and configuration of new software, I'm not keen on
reinstalling everything. Is there a way to find out if my PC is
compromised? :-)

If there is not much done after the installation, or you can afford
to lose your changes, do a re-install. The check is more tedious, and
it always leaves the little nagging feeling, if something went
unnoticed.

In case of doubt - wipe the thing and re-install it. This time,
please create the normal user at once, and do not allow SSH root
logins.

Utter tosh.

Just go and set up a normal user.

If things don't work, use root to fix them.

Its more likely you will cerate things that CAN'T be used by a normal user when acting as root, than you will create things that ANYBODY can access regardless.

If security is a worry for you, rather than a way to impress other people with spurious second hand half baked opinions..then take the time to understand how Unix and Linux security actually works.

And don't take anyones word for it other than the manuals. Including mine.



.