su command - Security concerns

Protecting your Linux box

su command - Security concerns

Postby phoenix » Tue Apr 17, 2007 8:38 am

AoA

How safe it is to 'su' while internet in on?

supose I want to change ownership of some
file, should I 'su' from the user account, with
X on, internet on; OR

should I do CTRL+SHIFT+FX and login as 'root'
there?

which one is better?
I'm using Slackware 11.
__/__/__/__/__/__/__/__/__/__/__/__/
Pakistan - Kashmir
__/__/__/__/__/__/__/__/__/__/__/__/
phoenix
Havaldaar
 
Posts: 105
Joined: Wed Jan 18, 2006 4:02 pm
Yahoo Messenger: arslanone
Location: Islamabad

Re: su command - Security concerns

Postby nomankhn » Tue Apr 17, 2007 10:14 am

Dear

su is good option.

Regards
Noman Liaquat Khanzada Rajput
Linux means productivity and fun.
We all love Linux, but it's also a fact that some people might not be able to migrate.
nomankhn
Colonel
 
Posts: 714
Joined: Wed Aug 07, 2002 8:00 pm

Re: su command - Security concerns

Postby lambda » Tue Apr 17, 2007 3:49 pm

phoenix wrote:How safe it is to 'su' while internet in on?
look, we can't turn off the internet just so you can type your root password. there are millions of people and computers on the internet. they can't go offline for you.

as long as your connection to the system is either at the console or over an encrypted link (like ssh), and no one's installed a keylogger, or is able to read keystrokes off your x window session, it's safe to type 'su'.

in fact, it's safer to use sudo.
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Re: su command - Security concerns

Postby LinuxFreaK » Thu Apr 19, 2007 1:49 pm

lambda wrote:
phoenix wrote:How safe it is to 'su' while internet in on?
look, we can't turn off the internet just so you can type your root password. there are millions of people and computers on the internet. they can't go offline for you.

as long as your connection to the system is either at the console or over an encrypted link (like ssh), and no one's installed a keylogger, or is able to read keystrokes off your x window session, it's safe to type 'su'.

in fact, it's safer to use sudo.


indeed
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi


Return to “%s” Security

Who is online

Users browsing this forum: No registered users and 3 guests

cron