sudo, not su.
Jeffrey Kesselman
jeffpk at gmail.com
Fri Dec 21 20:07:45 EST 2007
Well, i understand. :)
I was very surprised to find that by default root has no password on the OLPC!
This seems a mite dangerous to me. I can just imagine OLPC viri
springing up, propagtating through the mesh...
I'd love to have a proper sudo on the thing. It would make me feel a
lot mreo comfortable.
On Dec 21, 2007 1:27 PM, C. Scott Ananian <cscott at laptop.org> wrote:
> I think people misunderstand the core problem: if root does not have a
> password, then *any activity on the system* can gain root privileges
> by su'ing to root. By restricting 'root login' to the olpc user via
> sudo, it becomes simple to restrict the activities which can gain root
> privileges, because our security system runs activities as their own
> UIDs. This is the key difference in using sudo, not whether the root
> account is 'well known', etc etc.
> --scott
>
> --
> ( http://cscott.net/ )
> _______________________________________________
> Devel mailing list
> Devel at lists.laptop.org
> http://lists.laptop.org/listinfo/devel
>
--
~~ Microsoft help desk says: reply hazy, ask again later. ~~
More information about the Devel
mailing list