Everything about it is done the way this 15-year Linux/Solaris admin thinks it should be done.
Ah, I see that you're still on honeymoon with your N900. It's got its wrinkles. Try 'cat/etc/sudoers' for a start. But I do agree with most of what you say. It is an amazing device.
What do you object to in/etc/sudoers? I looked at it, but it was so long I didn't bother checking everything.
From what I read online, it looks like any user is granted root privs without a password. So if you've got apache installed, and someone finds/uses a vulnerability, they can make the apache user switch to root unless you've locked down sudoers.
By default sudo gives just an error about "switch your device to R&D mode if you want to break your device". You have to install a separate gainroot package to do it without R&D mode. Anyone who does either of those should be experienced enough to realize what the consequences are.
Of course, allowing ALL users rather than just the normal "user" to get root privileges is worse. And yes, a quick look at/etc/sudoers does look as if any user could simply do that. But I just tried:
Re: (Score:5, Informative)
Re: (Score:2)
Everything about it is done the way this 15-year Linux/Solaris admin thinks it should be done.
Ah, I see that you're still on honeymoon with your N900. It's got its wrinkles. Try 'cat /etc/sudoers' for a start. But I do agree with most of what you say. It is an amazing device.
Re:Somewhat unrelated, but (Score:2)
What do you object to in /etc/sudoers? I looked at it, but it was so long I didn't bother checking everything.
Re: (Score:2)
What do you object to in /etc/sudoers? I looked at it, but it was so long I didn't bother checking everything.
From what I read online, it looks like any user is granted root privs without a password. So if you've got apache installed, and someone finds/uses a vulnerability, they can make the apache user switch to root unless you've locked down sudoers.
Re: (Score:2)
By default sudo gives just an error about "switch your device to R&D mode if you want to break your device". You have to install a separate gainroot package to do it without R&D mode. Anyone who does either of those should be experienced enough to realize what the consequences are.
Of course, allowing ALL users rather than just the normal "user" to get root privileges is worse. And yes, a quick look at /etc/sudoers does look as if any user could simply do that. But I just tried:
1. start xterm
2. sudo
Re: (Score:1)
Oh yes, better lock it down. Also, change the root password from 'rootme'.