aplelois
asked on
fedora core 1 password
hello,
I have a server and sometimes I give the root pass to friends,
so that they can help me install new things, but I really dont want
any of them to maybe steal my machine and change the root pass
is there anyway of creating something that can send me the
current password of my machine to my email?
I have a server and sometimes I give the root pass to friends,
so that they can help me install new things, but I really dont want
any of them to maybe steal my machine and change the root pass
is there anyway of creating something that can send me the
current password of my machine to my email?
Hi,
I would strongly recommend giving the user SUDO access, anyways if you dont want to give sudo access you could
issue the following commands so he cant change the root password:
chattr +i /etc/passwd
chattr +i /etc/shadow
This will make the /etc/passwd and /etc/shadow file immunable and will stop him editing them unless he
do:
chattr -i /etc/shadow
but he might not noticed the immune flag :)
I would strongly recommend giving the user SUDO access, anyways if you dont want to give sudo access you could
issue the following commands so he cant change the root password:
chattr +i /etc/passwd
chattr +i /etc/shadow
This will make the /etc/passwd and /etc/shadow file immunable and will stop him editing them unless he
do:
chattr -i /etc/shadow
but he might not noticed the immune flag :)
Security byobscurity.... how ... qaint:-).
I really don't think that is a good idea.
Either you trust your friend enough to let him/her have the password, or you don't. If you don't, you should look at the (meager) options .... meager in that there aren't a whole lot of options _other_ than sudo.
Sudo can be made to be safe.... you can for example limit the "root access" to only a few commands for the otherwise unpriviledged user.
If you don't trust your friend to have root access, then how can you trust your friend to install software?
I wouldn't, but then.... Maybe I'm paranoid:-).
-- Glenn
I really don't think that is a good idea.
Either you trust your friend enough to let him/her have the password, or you don't. If you don't, you should look at the (meager) options .... meager in that there aren't a whole lot of options _other_ than sudo.
Sudo can be made to be safe.... you can for example limit the "root access" to only a few commands for the otherwise unpriviledged user.
If you don't trust your friend to have root access, then how can you trust your friend to install software?
I wouldn't, but then.... Maybe I'm paranoid:-).
-- Glenn
Two things:
> Security byobscurity.... how ... qaint:-).
should read
> "Security by obscurity".... how ... quaint:-).
... and start learning about sudo (assuming you have it installed) via "man sudo" or looking here: http://www.courtesan.com/sudo/
-- Glenn
> Security byobscurity.... how ... qaint:-).
should read
> "Security by obscurity".... how ... quaint:-).
... and start learning about sudo (assuming you have it installed) via "man sudo" or looking here: http://www.courtesan.com/sudo/
-- Glenn
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
But instead of giving out the root password, why not investigate/use sudo instead? That would be mych better... Not foolproof, but better.
-- Glenn