You are correct to a point. Any user in on a windows platform that has is in group administrators is dangerous.
QUICK TIP:
To run programs as root, when required you can use "sudo".
EXPANDED:
When running as root, edit "/etc/sudoers" and grant yourself privledge to certain commands or all commands. Then when running as a regular user you can execute the enabled commands like this :
sudo /sbin/ifconfig
If the commands have pipes or redirection then theres a trick required.
EXTRA TRICK:
sudo bash -c "cat /etc/hosts >/dev/null"
This is how you can run commands requiring pipes "|" or redirection ">".
Limiting users access to "special" commands can help with security and flexibility conflicts, this is done the best using sudo.
Guy
Buck wrote:
Hello everyone,
I found this thread interesting reading. I am one of those "ordinary
Win*DOH*s" users referred to earlier in the thread. I started using
windows with vs 1.0 or so. I think I skipped 2.x and then used 3.0 and
every version since then as well as every version of nt since 4.0.
I manage a small network that is served by Windows 2000 Pro (not server)
and will have to upgrade it to handle more users in the next 6 months or
so. In the meantime I am trying to learn enough to setup a Linux server
instead of continuing with m$.
One of the contributors mentioned earlier about not running things as
"root". The only book I have for Linux is Red Hat Linux 7.2 Bible.
Well, I haven't learned very much about Linux yet, but the book taught
me to create a user account and do all work from the user account and
not to use the root user at all. It says, rather, to use the superuser
command as needed. As a result of what I learned from the book, I have
gone back to all my XP/2000 computers and changed all users back to
"user" and setup special admin accounts for those occasions when it is
required to use admin privileges. I discussed this issue on the NT
listserv and learned that while it isn't a perfect solution, using
"user" privileges offers a lot of protection even in NT based windows.
There is definitely a learning curve to cross over from windoze to
Linux.
As I have 8.0 questions, I will be posting them here.
Buck
-----Original Message-----
From: psyche-list-admin@redhat.com [mailto:psyche-list-admin@redhat.com]
On Behalf Of Jesse Keating
Sent: Monday, January 20, 2003 6:49 PM
To: psyche-list@redhat.com
Subject: Re: Yes..., I can destroy your system!
On Sunday 19 January 2003 14:58, zhiren wrote:
1. Let's create a file name asdf in your home folder; 2. Then (1) start OpenOffice, (2) Alt-T-M to open the macro dialog, and enter this code: Sub AViciousCode Shell( "rm -rf ./asdf",2) end sub 3. Now run it to see your asdf file has gone!
There are other problems, such as the fact that OO.o will only run
macros from a file opened within certian directories. /home/$username is one of
them, but not any subdirectories. So, unless you download the email message
to your home directory, and _then_ open it, you won't have a problem.
-- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
