
Groups > comp.lang.python > #82693 > unrolled thread

Hello World

Started by: Steven D'Aprano <steve+comp.lang.python@pearwood.info>
First post: 2014-12-20 23:57 +1100
Last post: 2014-12-22 19:05 +0000
Articles 20 on this page of 122 — 30 participants


Contents

  Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-20 23:57 +1100
    Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 00:11 +1100
    Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-20 16:13 +0000
    Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-20 08:50 -0800
    Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-20 20:39 +0200
    Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-20 22:18 +0000
    Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 21:14 -0800
      Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-21 16:26 +1100
      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 16:31 +1100
      Re: Hello World Terry Reedy <tjreedy@udel.edu> - 2014-12-21 01:31 -0500
        Re: Hello World wxjmfauth@gmail.com - 2014-12-21 00:07 -0800
      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 17:44 +1100
        Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:44 -0800
          Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:45 -0800
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 10:26 +0200
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 18:46 +1100
        Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 12:43 +0000
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-08 23:53 +1100
            Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 13:37 +0000
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:06 +0200
              Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 14:21 +0000
                Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:31 +0200
                  Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 15:14 +0000
            Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-08 15:11 +0100
            Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 14:51 +0000
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 01:57 +1100
                Re: Hello World cl@isbd.net - 2015-01-17 15:18 +0000
              Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 09:29 -0700
                Re: Hello World cl@isbd.net - 2015-01-17 16:47 +0000
                  Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 18:06 +0000
                    Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-17 19:47 +0100
                      Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:09 -0700
                    Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 13:37 +1100
                      Re: Hello World Roy Smith <roy@panix.com> - 2015-01-17 22:18 -0500
                        Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 14:45 +1100
                          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:45 +1100
                          Re: Hello World Roy Smith <roy@panix.com> - 2015-01-18 07:26 -0500
                        Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2015-01-17 21:50 -0600
                        Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:44 +1100
                  Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2015-01-17 18:31 +0000
                    Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 10:46 +1100
                      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 11:04 +1100
                      Re: Hello World Jason Friedman <jsf80238@gmail.com> - 2015-01-17 18:19 -0700
                      Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:13 -0700
                        Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 12:03 +0200
                          Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:34 +0100
                            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 18:03 +0200
                              Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 19:39 +0100
                          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:10 +1100
                            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 22:50 +0200
                        Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:32 +0100
                      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:00 +1100
                        Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:35 +0100
                          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 00:57 +1100
                            Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 16:48 +0100
                              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 04:08 +1100
                      Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:30 +0100
          Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2015-01-08 19:02 +0200
            Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-09 04:11 +1100
              Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 15:10 +0000
            Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-08 10:53 -0700
              Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2015-01-08 18:57 +0000
      Re: Hello World Devin Jeanpierre <jeanpierreda@gmail.com> - 2015-01-17 16:06 -0800
    Re: Hello World Tony the Tiger <tony@tiger.invalid> - 2014-12-21 19:22 +0000
      Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 22:02 +0200
      Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 09:51 +1100
        Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 18:50 -0500
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:10 +1100
            Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 19:12 -0500
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:36 +1100
            Re: Hello World mm0fmf <none@mailinator.com> - 2014-12-22 00:20 +0000
              Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-21 18:47 -0600
              Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 02:56 +0000
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 10:52 +0200
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 20:01 +1100
          Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:23 +0000
            Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 04:25 +1100
            Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:51 +0000
            Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-22 19:05 +0000
            Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-22 13:16 -0600
              Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 19:55 -0500
                Re: Hello World sohcahtoa82@gmail.com - 2014-12-22 17:03 -0800
                  Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-23 01:37 +0000
                  Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:39 +1100
                  Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-23 02:36 +0000
                  Re: Hello World Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2014-12-23 12:24 -0500
                Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:03 +1100
            Encryption - was Hello World Dave Angel <d@davea.name> - 2014-12-22 14:57 -0500
            Re: Encryption - was Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 09:29 +1100
            Re: Encryption - was Hello World Dave Angel <davea@davea.name> - 2014-12-22 18:22 -0500
        Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-21 18:37 -0800
        Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 08:21 +0200
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 17:33 +1100
            Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 09:46 +0200
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 18:56 +1100
          Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 20:18 +1100
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 11:34 +0200
              Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-22 19:38 -0800
            Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:15 -0500
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 00:23 +1100
                OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 13:09 +1100
                  Re: OFF TOPIC Snow Crash [was Re: Hello World] Grant Edwards <invalid@invalid.invalid> - 2014-12-23 16:20 +0000
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] Rustom Mody <rustompmody@gmail.com> - 2014-12-23 08:41 -0800
                      Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 12:51 +1100
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 14:18 +1100
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-24 11:50 +0000
                      Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:34 +1000
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:27 +1000
                      Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-26 15:13 +1100
                        Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-26 10:03 +0000
              Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 15:26 +0200
                Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:41 -0500
          Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:13 -0500
            Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 02:22 +1100
              Re: Hello World Jussi Piitulainen <jpiitula@ling.helsinki.fi> - 2014-12-22 17:36 +0200
                Re: Hello World Chris Warrick <kwpolska@gmail.com> - 2014-12-22 17:03 +0100
              Re: Hello World Skip Montanaro <skip.montanaro@gmail.com> - 2014-12-22 09:39 -0600
                Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 03:54 +1100
              Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:48 +0000
          Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:26 +0000
      Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:18 +0000
        Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-22 19:05 +0000


#83334

From: alister <alister.nospam.ware@ntlworld.com>
Date: 2015-01-08 14:21 +0000
Message-ID: <_nwrw.363401$AC.149510@fx29.am4>
In reply to: #83331
On Thu, 08 Jan 2015 16:06:16 +0200, Marko Rauhamaa wrote:

> Chris Angelico <rosuav@gmail.com>:
> 
>> With sudo, you get MUCH finer control. I can grant some user the power
>> to run "sudo eject sr0", but no other commands. I can permit someone to
>> execute any of a large number of commands, all individually logged.
> 
> I can't remember ever having a need for that. I sometimes use sudo but
> most times su is the way.
> 
>> I can allow sudo to other users than root, without having to reveal
>> those accounts' passwords (chances are they don't even have passwords).
> 
> An administrator doesn't need the users' passwords for anything but
> should be assumed to know them.

The administrator may be able to change them but he should NEVER know 
them (or need to)!
> 
>> But sure. If you want to cut out complication, dispense with user
>> accounts altogether and run everything as root. That's WAY simpler!
> 
> In the era of personal computers, the main advantage of the root account
> is that you can breathe more easily as an ordinary user, as the
> potential for accidental damage is lower.
> 
> 
> Marko





-- 
Davis' Law of Traffic Density:
	The density of rush-hour traffic is directly proportional to
	1.5 times the amount of extra time you allow to arrive on time.



#83337

From: Marko Rauhamaa <marko@pacujo.net>
Date: 2015-01-08 16:31 +0200
Message-ID: <874ms1fio5.fsf@elektro.pacujo.net>
In reply to: #83334
alister <alister.nospam.ware@ntlworld.com>:

> On Thu, 08 Jan 2015 16:06:16 +0200, Marko Rauhamaa wrote:
>> An administrator doesn't need the users' passwords for anything but
>> should be assumed to know them.
>
> The administrator may be able to change them but he should NEVER know 
> them (or need to)!

When you are under an administrator's dominion, *you* must assume that
they know your password.

(Somewhat in the same vein, if you are running a virtual machine, *you*
must assume the owner of the host computer has root access to your
virtual machine. By extension, *you* must assume the government
officials of the physical jurisdiction of the host computer have root
access to your virtual machine.)


Marko



#83346

From: alister <alister.nospam.ware@ntlworld.com>
Date: 2015-01-08 15:14 +0000
Message-ID: <q9xrw.363402$AC.102150@fx29.am4>
In reply to: #83337
On Thu, 08 Jan 2015 16:31:22 +0200, Marko Rauhamaa wrote:

> alister <alister.nospam.ware@ntlworld.com>:
> 
>> On Thu, 08 Jan 2015 16:06:16 +0200, Marko Rauhamaa wrote:
>>> An administrator doesn't need the users' passwords for anything but
>>> should be assumed to know them.
>>
>> The administrator may be able to change them but he should NEVER know
>> them (or need to)!
> 
> When you are under an administrator's dominion, *you* must assume that
> they know your password.
> 
> (Somewhat in the same vein, if you are running a virtual machine, *you*
> must assume the owner of the host computer has root access to your
> virtual machine. By extension, *you* must assume the government
> officials of the physical jurisdiction of the host computer have root
> access to your virtual machine.)
> 
> 
> Marko

I will agree with you there. The administrator 'should' never know your
password, but as a user you should never believe that password security
has been correctly implemented (just ask Sony :-) )



-- 
"The subspace _W inherits the other 8 properties of _V. And there aren't
even any property taxes."
		-- J. MacKay, Mathematics 134b



#83332

From: Michael Ströder <michael@stroeder.com>
Date: 2015-01-08 15:11 +0100
Message-ID: <m8m35v$r74$1@dont-email.me>
In reply to: #83328
Chris Angelico wrote:
> With sudo, you get MUCH finer control.

But it's very hard, almost impossible, to really implement fine-grained
control with sudo. Too many programs provide shell exits.

Well, it's off-topic here.
How about taking this to news:comp.security.unix ?

Ciao, Michael.



#83925

From: albert@spenarnc.xs4all.nl (Albert van der Horst)
Date: 2015-01-17 14:51 +0000
Message-ID: <54ba76e0$0$15897$e4fe514c@dreader35.news.xs4all.nl>
In reply to: #83328
In article <mailman.17471.1420721626.18130.python-list@python.org>,
Chris Angelico  <rosuav@gmail.com> wrote:
<SNIP>
>
>But sure. If you want to cut out complication, dispense with user
>accounts altogether and run everything as root. That's WAY simpler!

I didn't expect this strawman argument from you.
Of course you need a distinction between doing system things as
root, and working as a normal user. You just don't need sudo.

>
>ChrisA
-- 
Albert van der Horst, UTRECHT, THE NETHERLANDS
Economic growth -- being exponential -- ultimately falters.
albert@spe&ar&c.xs4all.nl &=n http://home.hccnet.nl/a.w.m.van.der.horst



#83926

From: Chris Angelico <rosuav@gmail.com>
Date: 2015-01-18 01:57 +1100
Message-ID: <mailman.17813.1421506643.18130.python-list@python.org>
In reply to: #83925
On Sun, Jan 18, 2015 at 1:51 AM, Albert van der Horst
<albert@spenarnc.xs4all.nl> wrote:
> In article <mailman.17471.1420721626.18130.python-list@python.org>,
> Chris Angelico  <rosuav@gmail.com> wrote:
> <SNIP>
>>
>>But sure. If you want to cut out complication, dispense with user
>>accounts altogether and run everything as root. That's WAY simpler!
>
> I didn't expect this strawman argument from you.
> Of course you need a distinction between doing system things as
> root, and working as a normal user. You just don't need sudo.

So you have to have a password on the root account. My systems are
more secure, as they do not have a password that someone could learn.

ChrisA



#83929

From: cl@isbd.net
Date: 2015-01-17 15:18 +0000
Message-ID: <92bqob-aj2.ln1@esprimo.zbmc.eu>
In reply to: #83926
Chris Angelico <rosuav@gmail.com> wrote:
> On Sun, Jan 18, 2015 at 1:51 AM, Albert van der Horst
> <albert@spenarnc.xs4all.nl> wrote:
> > In article <mailman.17471.1420721626.18130.python-list@python.org>,
> > Chris Angelico  <rosuav@gmail.com> wrote:
> > <SNIP>
> >>
> >>But sure. If you want to cut out complication, dispense with user
> >>accounts altogether and run everything as root. That's WAY simpler!
> >
> > I didn't expect this strawman argument from you.
> > Of course you need a distinction between doing system things as
> > root, and working as a normal user. You just don't need sudo.
> 
> So you have to have a password on the root account. My systems are
> more secure, as they do not have a password that someone could learn.
> 
Yes, they do (if you use sudo): it's *your* password, and IMHO it's less
secure as you only need to know one password to get root access.

-- 
Chris Green



#83930

From: Michael Torrie <torriem@gmail.com>
Date: 2015-01-17 09:29 -0700
Message-ID: <mailman.17814.1421512178.18130.python-list@python.org>
In reply to: #83925
On 01/17/2015 07:51 AM, Albert van der Horst wrote:
> In article <mailman.17471.1420721626.18130.python-list@python.org>,
> Chris Angelico  <rosuav@gmail.com> wrote:
> <SNIP>
>>
>> But sure. If you want to cut out complication, dispense with user
>> accounts altogether and run everything as root. That's WAY simpler!
> 
> I didn't expect this strawman argument from you.
> Of course you need a distinction between doing system things as
> root, and working as a normal user. You just don't need sudo.

I just don't see the distinction.  What's the difference between having
to type in a root password and having to type in your own administrative
user password?  Guess we're all just struggling to understand your logic
here.

On my laptop sudo has a huge advantage over su, and that is I can use my
fingerprint reader to access root. Now I could set up root to accept a
fingerprint as well which would work with su, but the sudo solution is
much quicker to configure.



#83932

From: cl@isbd.net
Date: 2015-01-17 16:47 +0000
Message-ID: <h9gqob-c3e.ln1@esprimo.zbmc.eu>
In reply to: #83930
Michael Torrie <torriem@gmail.com> wrote:
> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
> > In article <mailman.17471.1420721626.18130.python-list@python.org>,
> > Chris Angelico  <rosuav@gmail.com> wrote:
> > <SNIP>
> >>
> >> But sure. If you want to cut out complication, dispense with user
> >> accounts altogether and run everything as root. That's WAY simpler!
> > 
> > I didn't expect this strawman argument from you.
> > Of course you need a distinction between doing system things as
> > root, and working as a normal user. You just don't need sudo.
> 
> I just don't see the distinction.  What's the difference between having
> to type in a root password and having to type in your own administrative
> user password?  Guess we're all just struggling to understand your logic
> here.
> 
One big distinction is that you need to know two passwords to get root
access if there's a real root account as opposed to using sudo.  This
only applies of course if direct root login isn't allowed (via ssh or
whatever).

-- 
Chris Green



#83937

From: albert@spenarnc.xs4all.nl (Albert van der Horst)
Date: 2015-01-17 18:06 +0000
Message-ID: <54baa4b1$0$15857$e4fe514c@dreader35.news.xs4all.nl>
In reply to: #83932
In article <h9gqob-c3e.ln1@esprimo.zbmc.eu>,  <cl@isbd.net> wrote:
>Michael Torrie <torriem@gmail.com> wrote:
>> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>> > In article <mailman.17471.1420721626.18130.python-list@python.org>,
>> > Chris Angelico  <rosuav@gmail.com> wrote:
>> > <SNIP>
>> >>
>> >> But sure. If you want to cut out complication, dispense with user
>> >> accounts altogether and run everything as root. That's WAY simpler!
>> >
>> > I didn't expect this strawman argument from you.
>> > Of course you need a distinction between doing system things as
>> > root, and working as a normal user. You just don't need sudo.
>>
>> I just don't see the distinction.  What's the difference between having
>> to type in a root password and having to type in your own administrative
>> user password?  Guess we're all just struggling to understand your logic
>> here.
>>
>One big distinction is that you need to know two passwords to get root
>access if there's a real root account as opposed to using sudo.  This
>only applies of course if direct root login isn't allowed (via ssh or
>whatever).

The other is that if a dozen users have sudo possibility, one compromised
password compromises the whole system. The same administrators that like
sudo will force the users into a "safe" password of at least 8 characters,
a special sign, a number and a capital, instead of educating them to
use a strong password like the_horse_eats_yellow_stones. 1]
Chances are that one of the users has a password like
! (first special sign) 1 (first number) Q (first capital)
followed by a weak 5-letter word (or even a guessable one).

Compare that to
"Dear administrator, I've to do this. Can I have the root password?"
"Sure, here it is." Looks over the user's shoulder. "Are you ready?"
Makes sure he's logged out. Uses a random generator for a new password.

If there is something, anything, change the root password and check
the disk for suid-root files.

There is no such thing as automatic security.
Security requires one thing: attention. And effort. So two things:
attention and effort. And simplicity. So three things: attention,
effort and simplicity.

sudo makes administrators careless, lazy and it is not simple at all.

>--
>Chris Green

Groetjes Albert

1] I don't claim this is *very* strong, just strong.
-- 
Albert van der Horst, UTRECHT, THE NETHERLANDS
Economic growth -- being exponential -- ultimately falters.
albert@spe&ar&c.xs4all.nl &=n http://home.hccnet.nl/a.w.m.van.der.horst



#83942

From: Michael Ströder <michael@stroeder.com>
Date: 2015-01-17 19:47 +0100
Message-ID: <m9eane$qfm$1@dont-email.me>
In reply to: #83937
albert@spenarnc.xs4all.nl (Albert van der Horst) wrote:
> In article <h9gqob-c3e.ln1@esprimo.zbmc.eu>,  <cl@isbd.net> wrote:
>> Michael Torrie <torriem@gmail.com> wrote:
>>> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>>>> In article <mailman.17471.1420721626.18130.python-list@python.org>,
>>>> Chris Angelico  <rosuav@gmail.com> wrote:
>>>> <SNIP>
>>>>>
>>>>> But sure. If you want to cut out complication, dispense with user
>>>>> accounts altogether and run everything as root. That's WAY simpler!
>>>>
>>>> I didn't expect this strawman argument from you.
>>>> Of course you need a distinction between doing system things as
>>>> root, and working as a normal user. You just don't need sudo.
>>>
>>> I just don't see the distinction.  What's the difference between having
>>> to type in a root password and having to type in your own administrative
>>> user password?  Guess we're all just struggling to understand your logic
>>> here.
>>>
>> One big distinction is that you need to know two passwords to get root
>> access if there's a real root account as opposed to using sudo.  This
>> only applies of course if direct root login isn't allowed (via ssh or
>> whatever).
> 
> The other is that if a dozen users have sudo possibility, one compromised
> password compromises the whole system.

Hmm, but it's much worse if a dozen users have to know the root password. With
this they can circumvent sudo completely (e.g. by going over the IPMI console).

> Compare that to
> "Dear administrator, I've to do this. Can I have the root password?"
> "Sure, here it is." Looks over the user's shoulder. "Are you ready?"
> Makes sure he's logged out. Uses a random generator for a new password.

This process does not work for dozens of admins maintaining thousands of
machines. Especially when something goes wrong in the night shift and has to
be fixed quickly.

> If there is something, anything, change the root password and check
> the disk for suid-root files.

Better require public key authc for SSH access and the user's own (one-time)
password for sudo. If your security requirements are really high, mandate going
through an SSH gateway / jumphost.

> Security requires one thing: attention. And effort. So two things:
> attention and effort. And simplicity. So three things: attention,
> effort and simplicity.

Yes.

> sudo makes administrators careless, lazy and it is not simple at all.

Admins must have separate accounts with separate credentials for
administrative work and must be careful when using an administrative account.

Ciao, Michael.



#83961

From: Michael Torrie <torriem@gmail.com>
Date: 2015-01-17 19:09 -0700
Message-ID: <mailman.17822.1421546969.18130.python-list@python.org>
In reply to: #83942
On 01/17/2015 11:47 AM, Michael Ströder wrote:
>> sudo makes administrators careless, lazy and it is not simple at all.
> 
> Admins must have separate accounts with separate credentials for
> administrative work and must be careful when using an administrative account.

Right.  This is not a bad idea in a large organization.

In any case, Sudo is more auditable than su in my opinion, but more
importantly, it's much easier to revoke.  With su, if I fire an admin, I
have to change root passwords on every machine, and redistribute the new
password to every admin that needs it.  With sudo, I might still change
the root password, but I'll lock the root password up in a safe box
somewhere, and life goes on for everyone else.  In fact with root
disabled entirely, the whole root password needing to be changed when a
person leaves the company is completely eliminated.  sudo allows us
(especially with the idea about separate admin credentials) to have
multiple, controllable, auditable, root passwords in effect.  Surely the
benefit of this can be seen.

Another good alternative to sudo is ksu, which is a kerberized su.  This
also provides an excellent audit trail, and is easy to revoke.  This may
be more to Mr. van der Horst's liking, as normally ksu is configured to
accept only principals with a /admin suffix (arbitrarily chosen). So
admins would have their normal principal, and their admin principal.
It's a pretty slick system if you have Kerberos up and running.
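
The audit trail discussed in this post and in Chris Angelico's "all individually logged" point earlier in the thread, as an added example that is not code from the thread or from the sudo project: a Python script that parses sudo and su events out of syslog-style auth log lines and checks them against an allow-list mirroring per-command sudoers rules such as `alice ALL=(root) /usr/bin/eject sr0`. The log lines, the host `box`, the users `alice`, `bob` and `carol`, and the `POLICY` table are constructed for the example; the sudo line layout follows sudo's default syslog format and the su line is modelled on the `(to root) user on tty` line that shadow's su logs.

```python
"""Audit sudo and su events from syslog-style auth log lines (added example).

The sudo line format ("<user> : [<reason> ;] TTY=... ; PWD=... ; USER=... ;
COMMAND=...") follows what sudo logs to syslog by default; the su line is
modelled on the "(to root) alice on pts/0" line from shadow's su.  All log
lines, hosts and user names below are constructed, not taken from any system.
"""
import re
from collections import defaultdict

SUDO_RE = re.compile(
    r"sudo:\s+(?P<user>\S+) : (?:(?P<reason>[^;]+?) ; )?"
    r"TTY=(?P<tty>\S+) ; PWD=(?P<pwd>\S+) ; USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.+)$"
)
# su records the identity switch only; whatever runs in the root shell afterwards is not logged.
SU_RE = re.compile(r"\bsu(?:\[\d+\])?: \(to (?P<target>\S+)\) (?P<user>\S+) on (?P<tty>\S+)")

# Constructed sample log (hypothetical host "box" and users alice, bob, carol).
SAMPLE_LOG = """\
Jan 17 19:01:02 box sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/eject sr0
Jan 17 19:02:10 box sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Jan 17 19:03:44 box sudo:      bob : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/systemctl restart postfix
Jan 17 19:04:01 box sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/systemctl restart postfix
Jan 17 19:05:30 box su[2231]: (to root) carol on pts/2
Jan 17 19:06:00 box sshd[2300]: Accepted publickey for alice from 192.0.2.10 port 51234 ssh2
"""

# Expected policy, mirroring per-command sudoers rules such as
# "alice ALL=(root) /usr/bin/eject sr0": user -> exact commands allowed as root.
POLICY = {
    "alice": {"/usr/bin/eject sr0"},
    "bob": {"/usr/bin/systemctl restart postfix"},
}


def parse_line(line):
    """Return a dict describing one sudo or su event, or None for any other line."""
    m = SUDO_RE.search(line)
    if m:
        reason = m.group("reason")
        return {
            "kind": "sudo",
            "user": m.group("user"),
            "target": m.group("target"),
            "cmd": m.group("cmd").strip(),
            "ok": reason is None,  # sudo runs the command only when it logs no failure reason
            "reason": reason,
        }
    m = SU_RE.search(line)
    if m:
        return {"kind": "su", "user": m.group("user"), "target": m.group("target"),
                "cmd": None, "ok": True, "reason": None}
    return None


def audit(log_text, policy):
    """Build a per-user trail of privilege use and a list of findings worth a second look."""
    trail = defaultdict(list)
    findings = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        trail[ev["user"]].append(ev)
        if ev["kind"] == "su":
            findings.append(f"{ev['user']} became {ev['target']} via su; "
                            "the commands run in that shell are not logged")
        elif not ev["ok"]:
            findings.append(f"{ev['user']}: {ev['reason']} for COMMAND={ev['cmd']}")
        elif ev["cmd"] not in policy.get(ev["user"], set()):
            findings.append(f"{ev['user']} ran '{ev['cmd']}' as {ev['target']}, "
                            "which is outside the expected policy")
    return {"trail": dict(trail), "findings": findings}


if __name__ == "__main__":
    report = audit(SAMPLE_LOG, POLICY)
    for user, events in report["trail"].items():
        print(user, [(e["kind"], e["cmd"], e["ok"]) for e in events])
    for finding in report["findings"]:
        print("FINDING:", finding)
```

On the sample log the script reports alice's out-of-policy shell, bob's failed authentication and carol's su, while the su line yields no record of what carol did as root; sudo also logs its own "command not allowed" lines when a sudoers rule rejects a command, which this regex accepts as a failure reason.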



#83962

From: Steven D'Aprano <steve+comp.lang.python@pearwood.info>
Date: 2015-01-18 13:37 +1100
Message-ID: <54bb1c83$0$12979$c3e8da3$5496439d@news.astraweb.com>
In reply to: #83937
Albert van der Horst wrote:

> In article <h9gqob-c3e.ln1@esprimo.zbmc.eu>,  <cl@isbd.net> wrote:
>>Michael Torrie <torriem@gmail.com> wrote:
>>> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>>> > In article <mailman.17471.1420721626.18130.python-list@python.org>,
>>> > Chris Angelico  <rosuav@gmail.com> wrote:
>>> > <SNIP>
>>> >>
>>> >> But sure. If you want to cut out complication, dispense with user
>>> >> accounts altogether and run everything as root. That's WAY simpler!
>>> >
>>> > I didn't expect this strawman argument from you.
>>> > Of course you need a distinction between doing system things as
>>> > root, and working as a normal user. You just don't need sudo.
>>>
>>> I just don't see the distinction.  What's the difference between having
>>> to type in a root password and having to type in your own administrative
>>> user password?  Guess we're all just struggling to understand your logic
>>> here.
>>>
>>One big distinction is that you need to know two passwords to get root
>>access if there's a real root account as opposed to using sudo.  This
>>only applies of course if direct root login isn't allowed (via ssh or
>>whatever).
> 
> The other is that if a dozen users have sudo possibility, one compromised
> password compromises the whole system. The same administrators that like
> sudo will force the users into a "safe" password of at least 8 characters,
> a special sign, a number and a capital, instead of educating them to
> use a strong password like the_horse_eats_yellow_stones. 1]

Sigh. I like XKCD, I really do, but anyone who thinks that brute force
attacks cannot simply replace words for characters is deluding themselves.

Consider a password like "mg93H$8s". Each character is taken from an
alphabet of lowercase and uppercase letters plus digits, plus 32
punctuation characters and other symbols available on a US keyboard. There
are 26+26+10+32 = 94 different "letters" in this alphabet. If your password
is ten characters long, there is a potential pool of 94**10 available
passwords. Let's say we strip out 90% of them for being "too easy to guess"
(say, eight "A"s in a row, or it happens to contain your username). That
still leaves us with:

94**10//10 = 5386151140948997017

potential passwords.

Now consider the XKCD scheme. You pick four words from a dictionary and
concatenate them. On my system, /usr/share/dict/words has a little less
than 500,000 words. The problem is, most of them are not really memorable,
and many of them are very low entropy. Here's a selection from the first
few starting with A:

A  A.  a  a'  a-  a.  A-1  A1  a1  A4  A5  AA  aa
A.A.A.  AAA  aaa  AAAA

So in practice people are going to choose words from a much, much smaller
selection. I estimate that most people are going to choose words from a
pool of about 10,000 words or so, but let's imagine that you have four
times the vocabulary (or imagination) of the average person and pick from a
pool of 40,000 words, specially crafted to avoid low-entropy selections
such as "AAA A4 aa a". That gives:

40000**4 = 2560000000000000000

potential passwords, half that of the conventional scheme. And if people
have biases in the words they pick -- and you better believe they will --
that will be reduced even further. Password crackers will take advantage of
the fact that most XKCD-style passwords will include at least one of the
most common thousand or so words, reducing the search space significantly.

I believe that the state of the art of password cracking is such now that
people cannot realistically expect to remember sufficiently strong
passwords for all the things they need passwords for. I believe that the
only good solution is to have one strong passphrase that you use to protect
a password manager, which in turn uses long (12 character or more),
completely random passwords.

Even that doesn't protect you, because your security is controlled by
websites and banks etc. with stupid security policies. E.g. I am forced to
deal with one bank that uses a cryptographic key to sign in to their bank,
but your passphrase is limited to exactly eight characters. Another bank I
use limits you to SIX characters, taken from case-insensitive(!) letters,
digits, and a small set of punctuation.

At least they do enforce rate limiting on account logins: three wrong login
attempts and they lock your account and force you to go to a branch in
person to recover it. (Can you say "Denial Of Service Attack"? I can.)



> Compare that to
> "Dear administrator, I've to do this. Can I have the root password."
> "Sure here it is" Looks over users shoulder. "Are you ready?"
> Make sure he's logged out. Uses random generator for a new password.

That is a ridiculously impractical system for anything other than a home
system.

Problems include:

- You have a single point of failure, the one administrator who controls
access to the root password. The day he stays home with his phone switched
off to play WOW is the day the mail server dies and you need root to fix
it. The "Bus Factor" (what do you do when the administrator gets hit by a
bus?) is critical.

- You might be changing the root password dozens of times a day; if you have
to restore your system from backup, chances are nobody will know what the
root password was this time two days ago.

- Lack of accountability: somebody used the root account to delete files
they're not supposed to. Who was it? No idea, it was somebody with root,
which could mean anyone who could have come up with a sufficiently
plausible excuse to convince the trusted admin to give them root access
that day. With sudo, all commands are logged, and even if the sudoer
runs "bash" to defeat the logging, it is obvious that they have done so and
can be asked to explain why they shouldn't be fired for breaching company
policy.

- Completely impractical for big sites. Imagine Google, with tens of
thousands of machines, and thousands of administrators across multiple
timezones, if they all had to go through a single admin to request the root
password.



 

-- 
Steven

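The search-space arithmetic above (94 symbols to the power of the length, versus vocabulary size to the power of the word count, and the "at least one common word" bias that crackers exploit) is easy to get wrong with floating point once the numbers pass 2**53. The following is an added worked example, not code from Steven's post, that redoes the comparison with exact integer arithmetic and generalises it to any alphabet or vocabulary size; the 40,000-word vocabulary, the 90% discard rate and the 1,000-word "most common" list are the figures from the post, and the helper names are my own.

```python
import math

# Alphabet size used in the post: 26 lowercase + 26 uppercase + 10 digits
# + 32 punctuation/symbols available on a US keyboard.
CHARSET_SIZE = 26 + 26 + 10 + 32   # 94


def random_password_space(length, alphabet_size=CHARSET_SIZE, discard_percent=0):
    """Candidate count for `length` symbols drawn uniformly from an alphabet,
    after discarding `discard_percent` of the strings as "too easy to guess".
    Integer arithmetic throughout so the result is exact."""
    return alphabet_size ** length * (100 - discard_percent) // 100


def passphrase_space(vocabulary_size, word_count):
    """Candidate count for `word_count` words chosen independently from a
    vocabulary of `vocabulary_size` words (the XKCD scheme)."""
    return vocabulary_size ** word_count


def biased_passphrase_space(vocabulary_size, word_count, common_size):
    """Candidates that contain at least one word from a `common_size`-word list
    of the most popular words: the subset a cracker searches first if it bets
    on the bias the post describes. Inclusion-exclusion: all passphrases minus
    those built only from the uncommon words."""
    return vocabulary_size ** word_count - (vocabulary_size - common_size) ** word_count


def entropy_bits(space):
    """Equivalent key length in bits for a uniform choice among `space` candidates."""
    return math.log2(space)


def words_needed(vocabulary_size, target_space):
    """Fewest words from a vocabulary needed to reach `target_space` candidates,
    i.e. how long an XKCD-style passphrase must be to match the conventional
    scheme when people draw from a small vocabulary."""
    n = 1
    while vocabulary_size ** n < target_space:
        n += 1
    return n


if __name__ == "__main__":
    conventional = random_password_space(10, discard_percent=90)
    xkcd = passphrase_space(40_000, 4)
    biased = biased_passphrase_space(40_000, 4, 1_000)
    print(f"10 random chars, 90% discarded: {conventional} ({entropy_bits(conventional):.1f} bits)")
    print(f"4 words from 40,000:            {xkcd} ({entropy_bits(xkcd):.1f} bits)")
    print(f"...containing a top-1000 word:  {biased} ({entropy_bits(biased):.1f} bits)")
    for vocab in (40_000, 10_000, 1_000):
        print(f"words from {vocab:>6} to match the conventional scheme: "
              f"{words_needed(vocab, conventional)}")
```

Running it reproduces the two figures in the post (about 62 bits for the conventional scheme, about 61 bits for four words from 40,000) and shows that a fifth word, or seven words from a 1,000-word vocabulary, is needed to catch up; restricting the search to passphrases that contain a top-1,000 word cuts the attacker's work by roughly a factor of ten.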
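The accountability argument above rests on sudo logging every command and on a sudoer who runs "bash" being obviously visible in that log. As an added example that is not from the post, here is the kind of check an administrator can run over the sudo entries in auth.log to surface exactly those cases: commands that hand out an interactive root shell (after which per-command logging stops), and refused attempts. The log lines are constructed for the example in the syslog format sudo uses; host name, user names and times are made up.

```python
import re
from os.path import basename

# Constructed sample lines in the format sudo writes to syslog/auth.log;
# host name, user names and timestamps are made up for this example.
SAMPLE_AUTH_LOG = """\
Jan 17 18:31:02 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/sbin/service postfix restart
Jan 17 18:35:10 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
Jan 17 18:36:44 host1 sudo:    carol : TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/bin/su -
Jan 17 18:40:01 host1 sudo:     dave : TTY=pts/3 ; PWD=/home/dave ; USER=root ; COMMAND=/usr/bin/less /var/log/mail.log
Jan 17 18:41:13 host1 sudo:    alice : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Jan 17 18:42:00 host1 sshd[1234]: Accepted publickey for alice from 10.0.0.5 port 50000 ssh2
"""

SUDO_LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) sudo:\s+"
    r"(?P<user>\S+) : (?P<rest>.*)$"
)

# Programs that give the invoker an interactive root shell, so every later
# command escapes sudo's per-command log.
SHELL_PROGRAMS = {"sh", "bash", "dash", "zsh", "ksh", "csh", "tcsh", "fish", "su"}


def parse_sudo_line(line):
    """Return a dict for a sudo log line, or None for any other line.
    COMMAND is split off first because the command text may itself contain
    ' ; '; everything before it is either a KEY=value field or a free-text
    denial reason such as 'user NOT in sudoers'."""
    m = SUDO_LINE.match(line)
    if m is None:
        return None
    head, sep, command = m["rest"].partition(" ; COMMAND=")
    rec = {"ts": m["ts"], "host": m["host"], "user": m["user"],
           "COMMAND": command if sep else None, "denied": None}
    for field in head.split(" ; "):
        key, eq, value = field.partition("=")
        if eq:
            rec[key] = value
        else:
            rec["denied"] = field
    return rec


def is_shell_escape(rec):
    """True when the granted command is itself a shell (or su), the point at
    which sudo's per-command logging stops telling you what was done."""
    if not rec["COMMAND"] or rec["denied"]:
        return False
    return basename(rec["COMMAND"].split()[0]) in SHELL_PROGRAMS


def review_sudo_log(log_text):
    """Summarise who obtained an unlogged root shell and who was refused."""
    escapes, denied = [], []
    for line in log_text.splitlines():
        rec = parse_sudo_line(line)
        if rec is None:
            continue
        if rec["denied"]:
            denied.append((rec["user"], rec["denied"]))
        elif is_shell_escape(rec):
            escapes.append((rec["user"], rec["COMMAND"]))
    return {"shell_escapes": escapes, "denied": denied}


if __name__ == "__main__":
    for kind, entries in review_sudo_log(SAMPLE_AUTH_LOG).items():
        for user, detail in entries:
            print(f"{kind:14} {user:8} {detail}")
```

On the sample log this reports bob (/bin/bash) and carol (/bin/su -) as having taken a root shell, and alice's refused attempt, while the service restart and the pager invocation pass unremarked; the list of shell programs is the part to tune for a given site (editors and pagers that can spawn a shell are a common addition).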


#83965

From: Roy Smith <roy@panix.com>
Date: 2015-01-17 22:18 -0500
Message-ID: <roy-6A98A2.22182117012015@news.panix.com>
In reply to: #83962
In article <54bb1c83$0$12979$c3e8da3$5496439d@news.astraweb.com>,
 Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:

> Even that doesn't protect you, because your security is controlled by
> websites and banks etc. with stupid security policies. E.g. I am forced to
> deal with one bank that uses a cryptographic key to sign in to their bank,
> but your passphrase is limited to exactly eight characters. Another bank I
> use limits you to SIX characters, taken from case-insensitive(!) letters,
> digits, and a small set of punctuation.

Tell me about it.  I have an E-Trade ATM card.  When I first got it, I 
set it up with a 6 digit PIN.  I was shocked to discover some time later 
that it actually only looks at the first 4 digits.  And, no, I'm not 
talking *characters*, I'm talking *digits*.  There are 10**4 possible 
PINs.  The mind boggles.

On the other hand, E-Trade gave me an RSA key fob so I use two-factor 
authentication on their web site.



#83966

From: Steven D'Aprano <steve+comp.lang.python@pearwood.info>
Date: 2015-01-18 14:45 +1100
Message-ID: <54bb2c5f$0$12977$c3e8da3$5496439d@news.astraweb.com>
In reply to: #83965
Roy Smith wrote:

> In article <54bb1c83$0$12979$c3e8da3$5496439d@news.astraweb.com>,
>  Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:
> 
>> Even that doesn't protect you, because your security is controlled by
>> websites and banks etc. with stupid security policies. E.g. I am forced
>> to deal with one bank that uses a cryptographic key to sign in to their
>> bank, but your passphrase is limited to exactly eight characters. Another
>> bank I use limits you to SIX characters, taken from case-insensitive(!)
>> letters, digits, and a small set of punctuation.
> 
> Tell me about it.  I have an E-Trade ATM card.  When I first got it, I
> set it up with a 6 digit PIN.  I was shocked to discover some time later
> that it actually only looks at the first 4 digits.  And, no, I'm not
> talking *characters*, I'm talking *digits*.  There are 10**4 possible
> PINs.  The mind boggles.
> 
> On the other hand, E-Trade gave me an RSA key fob so I use two-factor
> authentication on their web site.

You know that two-factor authentication doesn't offer any real security
against Man In The Middle attacks? Scenario:

* You log in to the bank, and transfer $1 to me.
* Evil haxor intercepts the transfer between your PC and the Internet,
  changing it to a request to transfer ONE MILLION DOLLARS to evil 
  haxor's account.
* Bank receives the request and sends you a token.
* You receive the token and approve the transfer.
* Evil haxor makes the money disappear.
* When you complain to the bank that your account is ONE MILLION DOLLARS
  overdrawn, they insist that you authorized the transfer so their 
  liability is limited to exactly Sweet FA.

(I am very cynical about most of the "security features" the banks are
pushing for, since in my opinion they are more about giving the banks
plausible deniability so they can push responsibility for security breaches
onto the customer.)


As soon as I heard that banks were turning to two-factor authentication I
predicted that attackers would trivially move to man-in-the-middle and
man-in-the-browser attacks to get around them. And sure enough, as long ago
as 2006 that's exactly what happened:

http://blog.washingtonpost.com/securityfix/2006/07/citibank_phish_spoofs_2factor_1.html

More here:

https://www.schneier.com/blog/archives/2012/09/man-in-the-midd_5.html

(read the comments for more examples)

All of the MITM attacks I know of involve social engineering attacks, but if
and when customers get too sophisticated to fall for phishing attacks[1],
the bad guys will move to scenarios like the one I described, where they
hijack your own legitimate transactions.




[1] Try not to laugh. It could happen.

-- 
Steven

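The scenario above fails because the bank's token only proves that the account holder is present; it says nothing about which transfer is being approved, so a request rewritten in transit still gets a valid code. The following is an added example, not code from the post or from any bank, that simulates both sides of that exchange: a code computed over a per-session nonce alone (what a plain OTP gives you) beside a code that is also bound to the amount and payee the user actually sees. The shared secret, nonce and amounts are constructed, and real tokens truncate the digest to a short code for typing, which this example omits to keep the comparison exact.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed shared secret: in a real deployment it lives in the token
# hardware and in the bank's verification system; this value is made up.
TOKEN_SECRET = b"example-token-secret-not-real"


@dataclass(frozen=True)
class Transfer:
    amount_cents: int
    payee: str


def canonical(transfer):
    """Byte encoding of the transaction fields the confirmation code covers.
    Fixed-width amount and a length prefix on the payee so that two different
    transfers can never encode to the same bytes."""
    payee = transfer.payee.encode("utf-8")
    return (transfer.amount_cents.to_bytes(8, "big")
            + len(payee).to_bytes(2, "big") + payee)


def session_code(secret, session_nonce):
    """Scheme A: the code depends only on a per-login nonce, not on what is
    being approved. Any transfer submitted in that session verifies."""
    return hmac.new(secret, session_nonce, hashlib.sha256).hexdigest()


def transaction_code(secret, session_nonce, transfer):
    """Scheme B: the code is bound to the transfer the user actually sees."""
    return hmac.new(secret, session_nonce + canonical(transfer),
                    hashlib.sha256).hexdigest()


def bank_accepts(secret, session_nonce, received_transfer, user_code, bound):
    """The bank recomputes the expected code over the request *it* received
    and compares in constant time."""
    expected = (transaction_code(secret, session_nonce, received_transfer)
                if bound else session_code(secret, session_nonce))
    return hmac.compare_digest(expected, user_code)


def simulate(bound, tampered):
    """Return whether the bank accepts the transfer when a party in the path
    does (tampered=True) or does not rewrite it before it reaches the bank."""
    nonce = b"login-session-0001"                    # constructed
    intended = Transfer(100, "steven")               # $1.00 to Steven
    received = Transfer(100_000_000, "haxor") if tampered else intended
    # The user's device computes the code over what the user sees: the
    # intended transfer, never the rewritten one.
    code = (transaction_code(TOKEN_SECRET, nonce, intended)
            if bound else session_code(TOKEN_SECRET, nonce))
    return bank_accepts(TOKEN_SECRET, nonce, received, code, bound)


if __name__ == "__main__":
    for bound in (False, True):
        for tampered in (False, True):
            verdict = "accepted" if simulate(bound, tampered) else "rejected"
            print(f"bound={bound!s:5} tampered={tampered!s:5} -> {verdict}")
```

Only the bound scheme rejects the rewritten transfer; the session-only code is accepted whether or not the request was altered, which is the failure the post describes. The design point is that the second factor has to cover the transaction details on a channel the attacker cannot edit (a token display, or a text message that repeats the amount and payee), otherwise it proves presence and nothing more.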


#83969

From: Chris Angelico <rosuav@gmail.com>
Date: 2015-01-18 18:45 +1100
Message-ID: <mailman.17825.1421567125.18130.python-list@python.org>
In reply to: #83966
On Sun, Jan 18, 2015 at 2:45 PM, Steven D'Aprano
<steve+comp.lang.python@pearwood.info> wrote:
> (I am very cynical about most of the "security features" the banks are
> pushing for, since in my opinion they are more about giving the banks
> plausible deniability so they can push responsibility for security breaches
> onto the customer.)

Definitely they are. Banks don't care about customers, they care about profits.

James Hacker: I see, it's just profits, isn't it, Sir Desmond?
Sir Desmond: It's not "just" profits - it's profits!
-- Yes Minister


ChrisA



#83977

From: Roy Smith <roy@panix.com>
Date: 2015-01-18 07:26 -0500
Message-ID: <roy-120F05.07262318012015@news.panix.com>
In reply to: #83966
In article <54bb2c5f$0$12977$c3e8da3$5496439d@news.astraweb.com>,
 Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:

> You know that two-factor authentication doesn't offer any real security
> against Man In The Middle attacks?

The fact that TFA doesn't solve all problems doesn't change the fact 
that it solves some of them.



#83967

From: Tim Chase <python.list@tim.thechases.com>
Date: 2015-01-17 21:50 -0600
Message-ID: <mailman.17823.1421557595.18130.python-list@python.org>
In reply to: #83965
On 2015-01-17 22:18, Roy Smith wrote:
> Tell me about it.  I have an E-Trade ATM card.  When I first got
> it, I set it up with a 6 digit PIN.  I was shocked to discover some
> time later that it actually only looks at the first 4 digits.  And,
> no, I'm not talking *characters*, I'm talking *digits*.  There are
> 10**4 possible PINs.  The mind boggles.

You think that's bad? One million Google Authenticator 2-factor
verification codes were leaked:

https://twitter.com/paulmutton/status/509991378647277568

Those hackers are a wily bunch.  ;-)


-tkc





#83968

From: Chris Angelico <rosuav@gmail.com>
Date: 2015-01-18 18:44 +1100
Message-ID: <mailman.17824.1421567048.18130.python-list@python.org>
In reply to: #83965
On Sun, Jan 18, 2015 at 2:50 PM, Tim Chase
<python.list@tim.thechases.com> wrote:
> You think that's bad, one million Google Authenticator 2-factor
> verification codes were leaked:
>
> https://twitter.com/paulmutton/status/509991378647277568
>
> Those hackers are a wily bunch.  ;-)

http://torrent-city.net/download/Li/List-of-ALL-ip-addresses-[hacking-tool]-[source-code-included].5185923.html

ChrisA



#83939

From: Mark Lawrence <breamoreboy@yahoo.co.uk>
Date: 2015-01-17 18:31 +0000
Message-ID: <mailman.17815.1421519526.18130.python-list@python.org>
In reply to: #83932
On 17/01/2015 16:47, cl@isbd.net wrote:
> Michael Torrie <torriem@gmail.com> wrote:
>> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>>> In article <mailman.17471.1420721626.18130.python-list@python.org>,
>>> Chris Angelico  <rosuav@gmail.com> wrote:
>>> <SNIP>
>>>>
>>>> But sure. If you want to cut out complication, dispense with user
>>>> accounts altogether and run everything as root. That's WAY simpler!
>>>
>>> I didn't expect this strawman argument from you.
>>> Of course you need a distinction between doing system things as
>>> root, and working as a normal user. You just don't need sudo.
>>
>> I just don't see the distinction.  What's the difference between having
>> to type in a root password and having to type in your own administrative
>> user password?  Guess we're all just struggling to understand your logic
>> here.
>>
> One big distinction is that you need to know two passwords to get root
> access if there's a real root account as opposed to using sudo.  This
> only applies of course if direct root login isn't allowed (via ssh or
> whatever).
>

Bah humbug, this has reminded me of doing secure work whereby each 
individual had two passwords, both of which had to be changed every 
thirty days, and rules were enforced so you couldn't just increment the 
number at the end of a word or similar.

-- 
My fellow Pythonistas, ask not what our language can do for you, ask
what you can do for our language.

Mark Lawrence


