su command - Security concerns

Protecting your Linux box
phoenix
Havaldaar
Posts: 105
Joined: Wed Jan 18, 2006 4:02 pm
Location: Islamabad
Contact:

su command - Security concerns

Postby phoenix » Tue Apr 17, 2007 8:38 am

AoA

How safe it is to 'su' while internet in on?

supose I want to change ownership of some
file, should I 'su' from the user account, with
X on, internet on; OR

should I do CTRL+SHIFT+FX and login as 'root'
there?

which one is better?
I'm using Slackware 11.
__/__/__/__/__/__/__/__/__/__/__/__/
Pakistan - Kashmir
__/__/__/__/__/__/__/__/__/__/__/__/

nomankhn
Colonel
Posts: 714
Joined: Wed Aug 07, 2002 8:00 pm

Re: su command - Security concerns

Postby nomankhn » Tue Apr 17, 2007 10:14 am

Dear

su is good option.

Regards
Noman Liaquat Khanzada Rajput
Linux means productivity and fun.
We all love Linux, but it's also a fact that some people might not be able to migrate.

lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Re: su command - Security concerns

Postby lambda » Tue Apr 17, 2007 3:49 pm

phoenix wrote:How safe it is to 'su' while internet in on?
look, we can't turn off the internet just so you can type your root password. there are millions of people and computers on the internet. they can't go offline for you.

as long as your connection to the system is either at the console or over an encrypted link (like ssh), and no one's installed a keylogger, or is able to read keystrokes off your x window session, it's safe to type 'su'.

in fact, it's safer to use sudo.

LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re: su command - Security concerns

Postby LinuxFreaK » Thu Apr 19, 2007 1:49 pm

lambda wrote:
phoenix wrote:How safe it is to 'su' while internet in on?
look, we can't turn off the internet just so you can type your root password. there are millions of people and computers on the internet. they can't go offline for you.

as long as your connection to the system is either at the console or over an encrypted link (like ssh), and no one's installed a keylogger, or is able to read keystrokes off your x window session, it's safe to type 'su'.

in fact, it's safer to use sudo.


indeed
Farrukh Ahmed


Return to “Security”

Who is online

Users browsing this forum: No registered users and 1 guest