The user account is the weak link in this chain, and so must be protected with the same care as root. If that user's account is compromised by an attacker, the attacker can also gain root privileges the next time the user does so. Any user who uses su or sudo must be considered to be a privileged user. The basic security model is the same, and therefore these two However the advantage of using a local user with sudo is that commands can be easily tracked, as mentioned in the benefits above. This is usually the case for root, but if adding a non-root rescue account, you will have to take these precautions manually. bashrc that doesn't reference any files on NFS mounts. The local user account should have its $HOME on a local disk, not on NFS (or any other networked filesystem), and a. An extra local user, or an enabled root password is needed here. This tends to leave the system unusable unless cracked. To setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. All other users are imported using NSS techniques such as nss-ldap.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |