| Started by | Steven D'Aprano <steve+comp.lang.python@pearwood.info> |
|---|---|
| First post | 2014-12-20 23:57 +1100 |
| Last post | 2014-12-22 19:05 +0000 |
| Articles | 20 on this page of 122 — 30 participants |
Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-20 23:57 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 00:11 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-20 16:13 +0000
Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-20 08:50 -0800
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-20 20:39 +0200
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-20 22:18 +0000
Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 21:14 -0800
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-21 16:26 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 16:31 +1100
Re: Hello World Terry Reedy <tjreedy@udel.edu> - 2014-12-21 01:31 -0500
Re: Hello World wxjmfauth@gmail.com - 2014-12-21 00:07 -0800
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 17:44 +1100
Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:44 -0800
Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:45 -0800
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 10:26 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 18:46 +1100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 12:43 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-08 23:53 +1100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 13:37 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:06 +0200
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 14:21 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:31 +0200
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 15:14 +0000
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-08 15:11 +0100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 14:51 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 01:57 +1100
Re: Hello World cl@isbd.net - 2015-01-17 15:18 +0000
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 09:29 -0700
Re: Hello World cl@isbd.net - 2015-01-17 16:47 +0000
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 18:06 +0000
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-17 19:47 +0100
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:09 -0700
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 13:37 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2015-01-17 22:18 -0500
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 14:45 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:45 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2015-01-18 07:26 -0500
Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2015-01-17 21:50 -0600
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:44 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2015-01-17 18:31 +0000
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 10:46 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 11:04 +1100
Re: Hello World Jason Friedman <jsf80238@gmail.com> - 2015-01-17 18:19 -0700
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:13 -0700
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 12:03 +0200
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:34 +0100
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 18:03 +0200
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 19:39 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:10 +1100
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 22:50 +0200
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:32 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:00 +1100
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:35 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 00:57 +1100
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 16:48 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 04:08 +1100
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:30 +0100
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2015-01-08 19:02 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-09 04:11 +1100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 15:10 +0000
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-08 10:53 -0700
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2015-01-08 18:57 +0000
Re: Hello World Devin Jeanpierre <jeanpierreda@gmail.com> - 2015-01-17 16:06 -0800
Re: Hello World Tony the Tiger <tony@tiger.invalid> - 2014-12-21 19:22 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 22:02 +0200
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 09:51 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 18:50 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:10 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 19:12 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:36 +1100
Re: Hello World mm0fmf <none@mailinator.com> - 2014-12-22 00:20 +0000
Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-21 18:47 -0600
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 02:56 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 10:52 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 20:01 +1100
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:23 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 04:25 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:51 +0000
Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-22 19:05 +0000
Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-22 13:16 -0600
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 19:55 -0500
Re: Hello World sohcahtoa82@gmail.com - 2014-12-22 17:03 -0800
Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-23 01:37 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:39 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-23 02:36 +0000
Re: Hello World Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2014-12-23 12:24 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:03 +1100
Encryption - was Hello World Dave Angel <d@davea.name> - 2014-12-22 14:57 -0500
Re: Encryption - was Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 09:29 +1100
Re: Encryption - was Hello World Dave Angel <davea@davea.name> - 2014-12-22 18:22 -0500
Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-21 18:37 -0800
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 08:21 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 17:33 +1100
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 09:46 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 18:56 +1100
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 20:18 +1100
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 11:34 +0200
Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-22 19:38 -0800
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:15 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 00:23 +1100
OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 13:09 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] Grant Edwards <invalid@invalid.invalid> - 2014-12-23 16:20 +0000
Re: OFF TOPIC Snow Crash [was Re: Hello World] Rustom Mody <rustompmody@gmail.com> - 2014-12-23 08:41 -0800
Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 12:51 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 14:18 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-24 11:50 +0000
Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:34 +1000
Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:27 +1000
Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-26 15:13 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-26 10:03 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 15:26 +0200
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:41 -0500
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:13 -0500
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 02:22 +1100
Re: Hello World Jussi Piitulainen <jpiitula@ling.helsinki.fi> - 2014-12-22 17:36 +0200
Re: Hello World Chris Warrick <kwpolska@gmail.com> - 2014-12-22 17:03 +0100
Re: Hello World Skip Montanaro <skip.montanaro@gmail.com> - 2014-12-22 09:39 -0600
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 03:54 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:48 +0000
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:26 +0000
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:18 +0000
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-22 19:05 +0000
| From | alister <alister.nospam.ware@ntlworld.com> |
|---|---|
| Date | 2015-01-08 14:21 +0000 |
| Message-ID | <_nwrw.363401$AC.149510@fx29.am4> |
| In reply to | #83331 |
On Thu, 08 Jan 2015 16:06:16 +0200, Marko Rauhamaa wrote:

> Chris Angelico <rosuav@gmail.com>:
>
>> With sudo, you get MUCH finer control. I can grant some user the power
>> to run "sudo eject sr0", but no other commands. I can permit someone to
>> execute any of a large number of commands, all individually logged.
>
> I can't remember ever having a need for that. I sometimes use sudo but
> most times su is the way.
>
>> I can allow sudo to other users than root, without having to reveal
>> those accounts' passwords (chances are they don't even have passwords).
>
> An administrator doesn't need the users' passwords for anything but
> should be assumed to know them.

The administrator may be able to change them but he should NEVER know them (or need to)!

>> But sure. If you want to cut out complication, dispense with user
>> accounts altogether and run everything as root. That's WAY simpler!
>
> In the era of personal computers, the main advantage of the root account
> is that you can breathe more easily as an ordinary user, as the
> potential for accidental damage is lower.
>
> Marko

-- 
Davis' Law of Traffic Density:
The density of rush-hour traffic is directly proportional to 1.5 times the amount of extra time you allow to arrive on time.
| From | Marko Rauhamaa <marko@pacujo.net> |
|---|---|
| Date | 2015-01-08 16:31 +0200 |
| Message-ID | <874ms1fio5.fsf@elektro.pacujo.net> |
| In reply to | #83334 |
alister <alister.nospam.ware@ntlworld.com>:

> On Thu, 08 Jan 2015 16:06:16 +0200, Marko Rauhamaa wrote:
>> An administrator doesn't need the users' passwords for anything but
>> should be assumed to know them.
>
> The administrator may be able to change them but he should NEVER know
> them (or need to)!

When you are under an administrator's dominion, *you* must assume that they know your password.

(Somewhat in the same vein, if you are running a virtual machine, *you* must assume the owner of the host computer has root access to your virtual machine. By extension, *you* must assume the government officials of the physical jurisdiction of the host computer have root access to your virtual machine.)

Marko
| From | alister <alister.nospam.ware@ntlworld.com> |
|---|---|
| Date | 2015-01-08 15:14 +0000 |
| Message-ID | <q9xrw.363402$AC.102150@fx29.am4> |
| In reply to | #83337 |
On Thu, 08 Jan 2015 16:31:22 +0200, Marko Rauhamaa wrote:

> alister <alister.nospam.ware@ntlworld.com>:
>
>> On Thu, 08 Jan 2015 16:06:16 +0200, Marko Rauhamaa wrote:
>>> An administrator doesn't need the users' passwords for anything but
>>> should be assumed to know them.
>>
>> The administrator may be able to change them but he should NEVER know
>> them (or need to)!
>
> When you are under an administrator's dominion, *you* must assume that
> they know your password.
>
> (Somewhat in the same vein, if you are running a virtual machine, *you*
> must assume the owner of the host computer has root access to your
> virtual machine. By extension, *you* must assume the government
> officials of the physical jurisdiction of the host computer have root
> access to your virtual machine.)
>
> Marko

I will agree with you there. The administrator 'should' never know your password, but as a user you should never believe that password security has been correctly implemented (just ask Sony :-) ).

-- 
"The subspace _W inherits the other 8 properties of _V. And there aren't even any property taxes."
-- J. MacKay, Mathematics 134b
| From | Michael Ströder <michael@stroeder.com> |
|---|---|
| Date | 2015-01-08 15:11 +0100 |
| Message-ID | <m8m35v$r74$1@dont-email.me> |
| In reply to | #83328 |
Chris Angelico wrote:
> With sudo, you get MUCH finer control.

But it's very hard, almost impossible, to really implement fine-grained control with sudo. Too many programs provide shell exits.

Well, it's off-topic here. How about taking this to news:comp.security.unix ?

Ciao, Michael.
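Added example (editor's code, not from any poster in this thread) of what Michael's "shell exits" objection looks like when you audit a sudoers file. It reads a constructed sudoers fragment, including a rule in the spirit of Chris's "sudo eject sr0", and flags the patterns that undo fine-grained control: a bare `ALL` command, an interactive program (editor or pager) that can spawn a shell unless the rule carries the `NOEXEC` tag, and wildcard arguments, which the sudoers(5) manual itself warns can match more than the administrator intended. The list of escape-prone programs, the user names and the rules are assumptions for illustration, not taken from any real system.

```python
import os
import re

# Constructed sample sudoers fragment (assumption: not from any real system).
SAMPLE_SUDOERS = """\
# user  host=(runas) [TAG:] command [args]
alice   ALL=(root) /usr/bin/eject sr0
bob     ALL=(root) /usr/bin/vim /etc/motd
carol   ALL=(root) NOPASSWD: ALL
dave    ALL=(root) NOEXEC: /usr/bin/less /var/log/syslog
erin    ALL=(root) /bin/cat /var/log/*
"""

# Interactive programs that sudoers(5) warns can run a shell from inside;
# the exact set here is an assumption for the example, not an exhaustive list.
SHELL_ESCAPE_PROGRAMS = {"vi", "vim", "less", "more", "man"}

# user host=(runas) TAG: TAG: command args   (aliases and Defaults are skipped)
RULE_RE = re.compile(
    r"^(?P<user>\S+)\s+(?P<host>[^\s=]+)\s*=\s*"
    r"(?:\((?P<runas>[^)]*)\)\s*)?"
    r"(?P<tags>(?:[A-Z_]+:\s*)*)"
    r"(?P<cmds>.+)$"
)


def audit_rule(tags, cmd):
    """Return finding codes for one command of one rule."""
    findings = []
    cmd = cmd.strip()
    if cmd == "ALL":
        findings.append("UNRESTRICTED")          # no command restriction at all
    else:
        parts = cmd.split()
        prog, args = os.path.basename(parts[0]), parts[1:]
        if prog in SHELL_ESCAPE_PROGRAMS and "NOEXEC" not in tags:
            findings.append("SHELL_ESCAPE")      # program can drop to a shell
        if any(ch in arg for arg in args for ch in "*?["):
            findings.append("WILDCARD_ARGS")     # may match unintended paths
    if "NOPASSWD" in tags:
        findings.append("NOPASSWD")              # informational: no re-authentication
    return findings


def audit_sudoers(text):
    """Map each user in a sudoers fragment to the list of findings for their rules."""
    report = {}
    skip = ("Defaults", "Cmnd_Alias", "User_Alias", "Host_Alias", "Runas_Alias")
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line or line.startswith(skip):
            continue
        m = RULE_RE.match(line)
        if not m:
            report.setdefault("<unparsed>", []).append(line)
            continue
        tags = {t.rstrip(":") for t in m.group("tags").split()}
        user_findings = report.setdefault(m.group("user"), [])
        for cmd in m.group("cmds").split(","):   # a rule may list several commands
            user_findings.extend(audit_rule(tags, cmd))
    return report


if __name__ == "__main__":
    for user, findings in audit_sudoers(SAMPLE_SUDOERS).items():
        print(f"{user:8s} {', '.join(findings) or 'ok'}")
```

Only `alice` (a single fixed command with fixed arguments) and `dave` (a pager, but with `NOEXEC`) come out clean; this is the kind of check worth running before believing that a sudoers rule really limits someone to one command.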
| From | albert@spenarnc.xs4all.nl (Albert van der Horst) |
|---|---|
| Date | 2015-01-17 14:51 +0000 |
| Message-ID | <54ba76e0$0$15897$e4fe514c@dreader35.news.xs4all.nl> |
| In reply to | #83328 |
In article <mailman.17471.1420721626.18130.python-list@python.org>, Chris Angelico <rosuav@gmail.com> wrote:
<SNIP>
>
> But sure. If you want to cut out complication, dispense with user
> accounts altogether and run everything as root. That's WAY simpler!

I didn't expect this strawman argument from you. Of course you need a distinction between doing system things as root, and working as a normal user. You just don't need sudo.

>
> ChrisA

-- 
Albert van der Horst, UTRECHT,THE NETHERLANDS
Economic growth -- being exponential -- ultimately falters.
albert@spe&ar&c.xs4all.nl &=n http://home.hccnet.nl/a.w.m.van.der.horst
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2015-01-18 01:57 +1100 |
| Message-ID | <mailman.17813.1421506643.18130.python-list@python.org> |
| In reply to | #83925 |
On Sun, Jan 18, 2015 at 1:51 AM, Albert van der Horst <albert@spenarnc.xs4all.nl> wrote:
> In article <mailman.17471.1420721626.18130.python-list@python.org>,
> Chris Angelico <rosuav@gmail.com> wrote:
> <SNIP>
>>
>> But sure. If you want to cut out complication, dispense with user
>> accounts altogether and run everything as root. That's WAY simpler!
>
> I didn't expect this strawman argument from you.
> Of course you need a distinction between doing system things as
> root, and working as a normal user. You just don't need sudo.

So you have to have a password on the root account. My systems are more secure, as they do not have a password that someone could learn.

ChrisA
| From | cl@isbd.net |
|---|---|
| Date | 2015-01-17 15:18 +0000 |
| Message-ID | <92bqob-aj2.ln1@esprimo.zbmc.eu> |
| In reply to | #83926 |
Chris Angelico <rosuav@gmail.com> wrote:
> On Sun, Jan 18, 2015 at 1:51 AM, Albert van der Horst
> <albert@spenarnc.xs4all.nl> wrote:
>> In article <mailman.17471.1420721626.18130.python-list@python.org>,
>> Chris Angelico <rosuav@gmail.com> wrote:
>> <SNIP>
>>>
>>> But sure. If you want to cut out complication, dispense with user
>>> accounts altogether and run everything as root. That's WAY simpler!
>>
>> I didn't expect this strawman argument from you.
>> Of course you need a distinction between doing system things as
>> root, and working as a normal user. You just don't need sudo.
>
> So you have to have a password on the root account. My systems are
> more secure, as they do not have a password that someone could learn.
>

Yes, they do (if you use sudo): it's *your* password, and IMHO it's less secure as you only need to know one password to get root access.

-- 
Chris Green
| From | Michael Torrie <torriem@gmail.com> |
|---|---|
| Date | 2015-01-17 09:29 -0700 |
| Message-ID | <mailman.17814.1421512178.18130.python-list@python.org> |
| In reply to | #83925 |
On 01/17/2015 07:51 AM, Albert van der Horst wrote:
> In article <mailman.17471.1420721626.18130.python-list@python.org>,
> Chris Angelico <rosuav@gmail.com> wrote:
> <SNIP>
>>
>> But sure. If you want to cut out complication, dispense with user
>> accounts altogether and run everything as root. That's WAY simpler!
>
> I didn't expect this strawman argument from you.
> Of course you need a distinction between doing system things as
> root, and working as a normal user. You just don't need sudo.

I just don't see the distinction. What's the difference between having to type in a root password and having to type in your own administrative user password? Guess we're all just struggling to understand your logic here.

On my laptop sudo has a huge advantage over su, and that is I can use my fingerprint reader to access root. Now I could set up root to accept a fingerprint as well, which would work with su, but the sudo solution is much quicker to configure.
| From | cl@isbd.net |
|---|---|
| Date | 2015-01-17 16:47 +0000 |
| Message-ID | <h9gqob-c3e.ln1@esprimo.zbmc.eu> |
| In reply to | #83930 |
Michael Torrie <torriem@gmail.com> wrote:
> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>> In article <mailman.17471.1420721626.18130.python-list@python.org>,
>> Chris Angelico <rosuav@gmail.com> wrote:
>> <SNIP>
>>>
>>> But sure. If you want to cut out complication, dispense with user
>>> accounts altogether and run everything as root. That's WAY simpler!
>>
>> I didn't expect this strawman argument from you.
>> Of course you need a distinction between doing system things as
>> root, and working as a normal user. You just don't need sudo.
>
> I just don't see the distinction. What's the difference between having
> to type in a root password and having to type in your own administrative
> user password? Guess we're all just struggling to understand your logic
> here.
>

One big distinction is that you need to know two passwords to get root access if there's a real root account as opposed to using sudo. This only applies of course if direct root login isn't allowed (via ssh or whatever).

-- 
Chris Green
| From | albert@spenarnc.xs4all.nl (Albert van der Horst) |
|---|---|
| Date | 2015-01-17 18:06 +0000 |
| Message-ID | <54baa4b1$0$15857$e4fe514c@dreader35.news.xs4all.nl> |
| In reply to | #83932 |
In article <h9gqob-c3e.ln1@esprimo.zbmc.eu>, <cl@isbd.net> wrote:
> Michael Torrie <torriem@gmail.com> wrote:
>> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>>> In article <mailman.17471.1420721626.18130.python-list@python.org>,
>>> Chris Angelico <rosuav@gmail.com> wrote:
>>> <SNIP>
>>>>
>>>> But sure. If you want to cut out complication, dispense with user
>>>> accounts altogether and run everything as root. That's WAY simpler!
>>>
>>> I didn't expect this strawman argument from you.
>>> Of course you need a distinction between doing system things as
>>> root, and working as a normal user. You just don't need sudo.
>>
>> I just don't see the distinction. What's the difference between having
>> to type in a root password and having to type in your own administrative
>> user password? Guess we're all just struggling to understand your logic
>> here.
>>
> One big distinction is that you need to know two passwords to get root
> access if there's a real root account as opposed to using sudo. This
> only applies of course if direct root login isn't allowed (via ssh or
> whatever).

The other is that if a dozen users have sudo possibility, one compromised password compromises the whole system. The same administrators that like sudo will force the users into a "safe" password of at least 8 characters, a special sign, a number and a capital, instead of educating them to use a strong password like the_horse_eats_yellow_stones. 1]

Chances are that one of the users has a password like ! (first special sign) 1 (first number) Q (first capital) followed by a weak 5 letter word (or even a guessable one).

Compare that to
"Dear administrator, I've to do this. Can I have the root password."
"Sure here it is" Looks over user's shoulder. "Are you ready?"
Make sure he's logged out. Uses random generator for a new password.

If there is something, anything, change the root password and check the disk for suid-root files. There is no such thing as automatic security.

Security requires one thing: attention. And effort. So two things: attention and effort. And simplicity. So three things: attention, effort and simplicity.

sudo makes administrators careless, lazy and it is not simple at all.

> --
> Chris Green

Groetjes Albert

1] I don't claim this is *very* strong, just strong.

-- 
Albert van der Horst, UTRECHT,THE NETHERLANDS
Economic growth -- being exponential -- ultimately falters.
albert@spe&ar&c.xs4all.nl &=n http://home.hccnet.nl/a.w.m.van.der.horst
| From | Michael Ströder <michael@stroeder.com> |
|---|---|
| Date | 2015-01-17 19:47 +0100 |
| Message-ID | <m9eane$qfm$1@dont-email.me> |
| In reply to | #83937 |
albert@spenarnc.xs4all.nl (Albert van der Horst) wrote:
> In article <h9gqob-c3e.ln1@esprimo.zbmc.eu>, <cl@isbd.net> wrote:
>> Michael Torrie <torriem@gmail.com> wrote:
>>> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>>>> In article <mailman.17471.1420721626.18130.python-list@python.org>,
>>>> Chris Angelico <rosuav@gmail.com> wrote:
>>>> <SNIP>
>>>>>
>>>>> But sure. If you want to cut out complication, dispense with user
>>>>> accounts altogether and run everything as root. That's WAY simpler!
>>>>
>>>> I didn't expect this strawman argument from you.
>>>> Of course you need a distinction between doing system things as
>>>> root, and working as a normal user. You just don't need sudo.
>>>
>>> I just don't see the distinction. What's the difference between having
>>> to type in a root password and having to type in your own administrative
>>> user password? Guess we're all just struggling to understand your logic
>>> here.
>>>
>> One big distinction is that you need to know two passwords to get root
>> access if there's a real root account as opposed to using sudo. This
>> only applies of course if direct root login isn't allowed (via ssh or
>> whatever).
>
> The other is that if a dozen users have sudo possibility, one compromised
> password compromises the whole system.

Hmm, but it's much worse if a dozen users have to know the root password. With this they can circumvent sudo completely (e.g. going over IPMI console).

> Compare that to
> "Dear administrator, I've to do this. Can I have the root password."
> "Sure here it is" Looks over user's shoulder. "Are you ready?"
> Make sure he's logged out. Uses random generator for a new password.

This process does not work for dozens of admins maintaining thousands of machines. Especially when something goes wrong in the night shift and has to be fixed quickly.

> If there is something, anything, change the root password and check
> the disk for suid-root files.

Better require public key authc for SSH access and the user's own (one-time) password for sudo. If your security requirements are really high, mandate going through a SSH gateway / jumphost.

> Security requires one thing: attention. And effort. So two things:
> attention and effort. And simplicity. So three things: attention,
> effort and simplicity.

Yes.

> sudo makes administrators careless, lazy and it is not simple at all.

Admins must have separate accounts with separate credentials for administrative work and must be careful when using an administrative account.

Ciao, Michael.
| From | Michael Torrie <torriem@gmail.com> |
|---|---|
| Date | 2015-01-17 19:09 -0700 |
| Message-ID | <mailman.17822.1421546969.18130.python-list@python.org> |
| In reply to | #83942 |
On 01/17/2015 11:47 AM, Michael Ströder wrote:
>> sudo makes administrators careless, lazy and it is not simple at all.
>
> Admins must have separate accounts with separate credentials for
> administrative work and must be careful when using an administrative account.

Right. This is not a bad idea in a large organization.

In any case, Sudo is more auditable than su in my opinion, but more importantly, it's much easier to revoke. With su, if I fire an admin, I have to change root passwords on every machine, and redistribute the new password to every admin that needs it. With sudo, I might still change the root password, but I'll lock the root password up in a safe box somewhere, and life goes on for everyone else. In fact with root disabled entirely, the whole root password needing to be changed when a person leaves the company is completely eliminated. sudo allows us (especially with the idea about separate admin credentials) to have multiple, controllable, auditable, root passwords in effect. Surely the benefit of this can be seen.

Another good alternative to sudo is ksu, which is a kerberized su. This also provides an excellent audit trail, and is easy to revoke. This may be more to Mr. van der Horst's liking, as normally ksu is configured to accept only principals with a /admin suffix (arbitrarily chosen). So admins would have their normal principal, and their admin principal. It's a pretty slick system if you have Kerberos up and running.
| From | Steven D'Aprano <steve+comp.lang.python@pearwood.info> |
|---|---|
| Date | 2015-01-18 13:37 +1100 |
| Message-ID | <54bb1c83$0$12979$c3e8da3$5496439d@news.astraweb.com> |
| In reply to | #83937 |
Albert van der Horst wrote: > In article <h9gqob-c3e.ln1@esprimo.zbmc.eu>, <cl@isbd.net> wrote: >>Michael Torrie <torriem@gmail.com> wrote: >>> On 01/17/2015 07:51 AM, Albert van der Horst wrote: >>> > In article <mailman.17471.1420721626.18130.python-list@python.org>, >>> > Chris Angelico <rosuav@gmail.com> wrote: >>> > <SNIP> >>> >> >>> >> But sure. If you want to cut out complication, dispense with user >>> >> accounts altogether and run everything as root. That's WAY simpler! >>> > >>> > I didn't except this strawman argument from you. >>> > Of course you need a distinction between doing system things as >>> > root, and working as a normal user. You just don't need sudo. >>> >>> I just don't see the distinction. What's the difference between having >>> to type in a root password and having to type in your own administrative >>> user password? Guess we're all just struggling to understand your logic >>> here. >>> >>One big distinction is that you need to know two passwords to get root >>access if there's a real root account as opposed to using sudo. This >>only applies of course if direct root login isn't allowed (via ssh or >>whatever). > > The other is that if a dozen users have sudo possibility, one compromised > password compromises the whole system. The same administrators that like > sudo will force the users into a "safe" password of at least 8 characters > a special sign a number and a capital, instead of educating them to > use a strong password like the_horse_eats_yellow_stones. 1] Sigh. I like XKCD, I really do, but anyone who thinks that brute force attacks cannot simply replace words for characters is deluding themselves. Consider a password like "mg93H$8s". Each character is taken from an alphabet of lowercase and uppercase letters plus digits, plus 32 punctuation characters and other symbols available on a US keyboard. There are 26+26+10+32 = 94 different "letters" in this alphabet. 
If your password is ten characters long, there is a potential pool of 94**10 available passwords. Let's say we strip out 90% of them for being "too easy to guess" (say, eight "A"s in a row, or it happens to contain your username). That still leaves us with:

94**10//10 = 5386151140948997017

potential passwords.

Now consider the XKCD scheme. You pick four words from a dictionary and concatenate them. On my system, /usr/share/dict/words has a little less than 500,000 words. The problem is, most of them are not really memorable, and many of them are very low entropy. Here's a selection from the first few starting with A:

A A. a a' a- a. A-1 A1 a1 A4 A5 AA aa A.A.A. AAA aaa AAAA

So in practice people are going to choose words from a much, much smaller selection. I estimate that most people are going to choose words from a pool of about 10,000 words or so, but let's imagine that you have four times the vocabulary (or imagination) of the average person and pick from a pool of 40,000 words, specially crafted to avoid low-entropy selections such as "AAA A4 aa a". That gives:

40000**4 = 2560000000000000000

potential passwords, half that of the conventional scheme. And if people have biases in the words they pick -- and you better believe they will -- that will be reduced even further. Password crackers will take advantage of the fact that most XKCD-style passwords will include at least one of the most common thousand or so words, reducing the search space significantly.

I believe that the state of the art of password cracking is such now that people cannot realistically expect to remember sufficiently strong passwords for all the things they need passwords for. I believe that the only good solution is to have one strong passphrase that you use to protect a password manager, which in turn uses long (12 character or more), completely random passwords.

Even that doesn't protect you, because your security is controlled by websites and banks etc. with stupid security policies. E.g. I am forced to deal with one bank that uses a cryptographic key to sign in to their bank, but your passphrase is limited to exactly eight characters. Another bank I use limits you to SIX characters, taken from case-insensitive(!) letters, digits, and a small set of punctuation. At least they do enforce rate limiting on account logins: three wrong login attempts and they lock your account and force you to go to a branch in person to recover it. (Can you say "Denial Of Service Attack"? I can.)

> Compare that to
> "Dear administrator, I've to do this. Can I have the root password."
> "Sure here it is" Looks over user's shoulder. "Are you ready?"
> Make sure he's logged out. Uses random generator for a new password.

That is a ridiculously impractical system for anything other than a home system. Problems include:

- You have a single point of failure, the one administrator who controls access to the root password. The day he stays home with his phone switched off to play WOW is the day the mail server dies and you need root to fix it. The "Bus Factor" (what do you do when the administrator gets hit by a bus?) is critical.

- You might be changing the root password dozens of times a day; if you have to restore your system from backup, chances are nobody will know what the root password was this time two days ago.

- Lack of accountability: somebody used the root account to delete files they're not supposed to. Who was it? No idea, it was somebody with root, which could mean anyone who could have come up with a sufficiently plausible excuse to convince the trusted admin to give them root access that day. With sudo, all commands are logged, and even if the sudoer runs "bash" to defeat the logging, it is obvious that they have done so and can be asked to explain why they shouldn't be fired for breaching company policy.

- Completely impractical for big sites. Imagine Google, with tens of thousands of machines, and thousands of administrators across multiple timezones, if they all had to go through a single admin to request the root password.

-- 
Steven
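The search-space arithmetic in the post above, worked through as an added example (not code from the thread): it reproduces the two figures Steven quotes, expresses them in bits, and also sizes the subset a cracker would search on the assumption that at least one of the four words is common. The 94-character pool, the 40,000-word dictionary and the "thousand or so" common words are taken from the post; the uniform-choice model is an assumption of this example.

```python
import math

# Pool sizes taken from the post above; the uniform-choice model and the
# "at least one common word" subset are assumptions of this added example.
PRINTABLE_ASCII = 94        # characters available for a conventional password
DICTIONARY_SIZE = 40_000    # generous "four times the average vocabulary"
COMMON_WORDS = 1_000        # the "most common thousand or so words"


def conventional_space(length=10, pool=PRINTABLE_ASCII, keep_one_in=10):
    """Random printable-character passwords of `length`, keeping only one in
    `keep_one_in` after discarding the "too easy to guess" ones (90% here)."""
    return pool ** length // keep_one_in


def xkcd_space(words=4, dictionary=DICTIONARY_SIZE):
    """Passphrases built from `words` uniformly chosen dictionary words."""
    return dictionary ** words


def xkcd_space_with_common_word(words=4, dictionary=DICTIONARY_SIZE,
                                common=COMMON_WORDS):
    """Size of the subset a cracker searches if it assumes at least one of
    the words is common: every passphrase minus those built entirely from
    the (dictionary - common) uncommon words."""
    return dictionary ** words - (dictionary - common) ** words


def bits(space):
    """Entropy in bits of one uniformly random choice from `space`."""
    return math.log2(space)


def compare():
    """Summarise the three search spaces in bits."""
    return {
        "conventional_10_chars": bits(conventional_space()),
        "xkcd_4_of_40000": bits(xkcd_space()),
        "xkcd_at_least_one_common": bits(xkcd_space_with_common_word()),
    }


if __name__ == "__main__":
    for name, b in compare().items():
        print(f"{name:>26}: {b:5.1f} bits")
```

The "at least one common word" subset is under a tenth of the full 40,000-word space (roughly 3.4 bits fewer), which is the reduction a cracker gets for free before modelling any further human bias.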
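The accountability point above (sudo logs every command, and a sudoer who escapes to "bash" is visible as having done so) can be checked mechanically against the log. This is an added example, not code from the thread: it parses constructed auth.log-style sudo records, flags the ones that handed out a root shell, and answers the "who deleted that file?" question; the hostnames, users, paths and timestamps are all made up.

```python
import re

# Constructed sample in the syslog format sudo writes by default; every
# host, user, path and timestamp here is made up for this example.
SAMPLE_AUTH_LOG = """\
Jan 17 18:30:01 mail sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/sbin/service postfix restart
Jan 17 18:31:15 mail sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
Jan 17 18:32:40 mail sudo:    alice : TTY=pts/0 ; PWD=/var/log ; USER=root ; COMMAND=/bin/rm /var/log/mail.log.1
Jan 17 18:33:02 mail sudo:    carol : TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/bin/su -
Jan 17 18:34:00 mail sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/vim /etc/aliases
"""

SUDO_RE = re.compile(
    r"^(?P<stamp>\w{3} +\d+ [\d:]+) (?P<host>\S+) sudo:\s+(?P<user>\S+) : "
    r"TTY=(?P<tty>\S+) ; PWD=(?P<pwd>\S+) ; USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.+)$"
)

# Commands that give the caller an interactive root shell; sudo logs the
# shell itself but nothing typed into it afterwards.
SHELL_COMMANDS = {"/bin/bash", "/bin/sh", "/bin/zsh", "/bin/su",
                  "/usr/bin/bash", "/usr/bin/sh", "/usr/bin/zsh", "/usr/bin/su"}


def parse_sudo_log(text):
    """One dict per sudo record; lines that are not sudo records are skipped."""
    return [m.groupdict() for m in map(SUDO_RE.match, text.splitlines()) if m]


def shell_escapes(records):
    """(stamp, user, command) for every record that started a root shell."""
    return [(r["stamp"], r["user"], r["cmd"])
            for r in records if r["cmd"].split()[0] in SHELL_COMMANDS]


def who_touched(records, path):
    """Users whose logged command named `path` exactly (the 'who deleted it?' question)."""
    return sorted({r["user"] for r in records if path in r["cmd"].split()})


if __name__ == "__main__":
    recs = parse_sudo_log(SAMPLE_AUTH_LOG)
    for stamp, user, cmd in shell_escapes(recs):
        print(f"{stamp}: {user} obtained a root shell via {cmd!r}; ask why")
    print("deleted /var/log/mail.log.1:", who_touched(recs, "/var/log/mail.log.1"))
```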
| From | Roy Smith <roy@panix.com> |
|---|---|
| Date | 2015-01-17 22:18 -0500 |
| Message-ID | <roy-6A98A2.22182117012015@news.panix.com> |
| In reply to | #83962 |
In article <54bb1c83$0$12979$c3e8da3$5496439d@news.astraweb.com>, Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:

> Even that doesn't protect you, because your security is controlled by
> websites and banks etc. with stupid security policies. E.g. I am forced to
> deal with one bank that uses a cryptographic key to sign in to their bank,
> but your passphrase is limited to exactly eight characters. Another bank I
> use limits you to SIX characters, taken from case-insensitive(!) letters,
> digits, and a small set of punctuation.

Tell me about it. I have an E-Trade ATM card. When I first got it, I set it up with a 6 digit PIN. I was shocked to discover some time later that it actually only looks at the first 4 digits. And, no, I'm not talking *characters*, I'm talking *digits*. There are 10**4 possible PINs. The mind boggles.

On the other hand, E-Trade gave me an RSA key fob so I use two-factor authentication on their web site.
| From | Steven D'Aprano <steve+comp.lang.python@pearwood.info> |
|---|---|
| Date | 2015-01-18 14:45 +1100 |
| Message-ID | <54bb2c5f$0$12977$c3e8da3$5496439d@news.astraweb.com> |
| In reply to | #83965 |
Roy Smith wrote:

> In article <54bb1c83$0$12979$c3e8da3$5496439d@news.astraweb.com>,
> Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:
>
>> Even that doesn't protect you, because your security is controlled by
>> websites and banks etc. with stupid security policies. E.g. I am forced
>> to deal with one bank that uses a cryptographic key to sign in to their
>> bank, but your passphrase is limited to exactly eight characters. Another
>> bank I use limits you to SIX characters, taken from case-insensitive(!)
>> letters, digits, and a small set of punctuation.
>
> Tell me about it. I have an E-Trade ATM card. When I first got it, I
> set it up with a 6 digit PIN. I was shocked to discover some time later
> that it actually only looks at the first 4 digits. And, no, I'm not
> talking *characters*, I'm talking *digits*. There are 10**4 possible
> PINs. The mind boggles.
>
> On the other hand, E-Trade gave me an RSA key fob so I use two-factor
> authentication on their web site.

You know that two-factor authentication doesn't offer any real security against Man In The Middle attacks? Scenario:

* You log in to the bank, and transfer $1 to me.
* Evil haxor intercepts the transfer between your PC and the Internet, changing it to a request to transfer ONE MILLION DOLLARS to evil haxor's account.
* Bank receives the request and sends you a token.
* You receive the token and approve the transfer.
* Evil haxor makes the money disappear.
* When you complain to the bank that your account is ONE MILLION DOLLARS overdrawn, they insist that you authorized the transfer so their liability is limited to exactly Sweet FA.

(I am very cynical about most of the "security features" the banks are pushing for, since in my opinion they are more about giving the banks plausible deniability so they can push responsibility for security breaches onto the customer.)

As soon as I heard that banks were turning to two-factor authentication I predicted that attackers would trivially move to man-in-the-middle and man-in-the-browser attacks to get around them. And sure enough, as long ago as 2006 that's exactly what happened:

http://blog.washingtonpost.com/securityfix/2006/07/citibank_phish_spoofs_2factor_1.html

More here:

https://www.schneier.com/blog/archives/2012/09/man-in-the-midd_5.html

(read the comments for more examples)

All of the MITM attacks I know of involve social engineering attacks, but if and when customers get too sophisticated to fall for phishing attacks[1], the bad guys will move to scenarios like the one I described, where they hijack your own legitimate transactions.

[1] Try not to laugh. It could happen.

-- 
Steven
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2015-01-18 18:45 +1100 |
| Message-ID | <mailman.17825.1421567125.18130.python-list@python.org> |
| In reply to | #83966 |
On Sun, Jan 18, 2015 at 2:45 PM, Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:

> (I am very cynical about most of the "security features" the banks are
> pushing for, since in my opinion they are more about giving the banks
> plausible deniability so they can push responsibility for security breaches
> onto the customer.)

Definitely they are. Banks don't care about customers, they care about profits.

James Hacker: I see, it's just profits, isn't it, Sir Desmond?
Sir Desmond: It's not "just" profits - it's profits!
-- Yes Minister

ChrisA
| From | Roy Smith <roy@panix.com> |
|---|---|
| Date | 2015-01-18 07:26 -0500 |
| Message-ID | <roy-120F05.07262318012015@news.panix.com> |
| In reply to | #83966 |
In article <54bb2c5f$0$12977$c3e8da3$5496439d@news.astraweb.com>, Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:

> You know that two-factor authentication doesn't offer any real security
> against Man In The Middle attacks?

The fact that TFA doesn't solve all problems doesn't change the fact that it solves some of them.
| From | Tim Chase <python.list@tim.thechases.com> |
|---|---|
| Date | 2015-01-17 21:50 -0600 |
| Message-ID | <mailman.17823.1421557595.18130.python-list@python.org> |
| In reply to | #83965 |
On 2015-01-17 22:18, Roy Smith wrote:

> Tell me about it. I have an E-Trade ATM card. When I first got
> it, I set it up with a 6 digit PIN. I was shocked to discover some
> time later that it actually only looks at the first 4 digits. And,
> no, I'm not talking *characters*, I'm talking *digits*. There are
> 10**4 possible PINs. The mind boggles.

You think that's bad, one million Google Authenticator 2-factor verification codes were leaked:

https://twitter.com/paulmutton/status/509991378647277568

Those hackers are a wily bunch. ;-)

-tkc
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2015-01-18 18:44 +1100 |
| Message-ID | <mailman.17824.1421567048.18130.python-list@python.org> |
| In reply to | #83965 |
On Sun, Jan 18, 2015 at 2:50 PM, Tim Chase <python.list@tim.thechases.com> wrote:

> You think that's bad, one million Google Authenticator 2-factor
> verification codes were leaked:
>
> https://twitter.com/paulmutton/status/509991378647277568
>
> Those hackers are a wily bunch. ;-)

http://torrent-city.net/download/Li/List-of-ALL-ip-addresses-[hacking-tool]-[source-code-included].5185923.html

ChrisA
| From | Mark Lawrence <breamoreboy@yahoo.co.uk> |
|---|---|
| Date | 2015-01-17 18:31 +0000 |
| Message-ID | <mailman.17815.1421519526.18130.python-list@python.org> |
| In reply to | #83932 |
On 17/01/2015 16:47, cl@isbd.net wrote:

> Michael Torrie <torriem@gmail.com> wrote:
>> On 01/17/2015 07:51 AM, Albert van der Horst wrote:
>>> In article <mailman.17471.1420721626.18130.python-list@python.org>,
>>> Chris Angelico <rosuav@gmail.com> wrote:
>>> <SNIP>
>>>>
>>>> But sure. If you want to cut out complication, dispense with user
>>>> accounts altogether and run everything as root. That's WAY simpler!
>>>
>>> I didn't expect this strawman argument from you.
>>> Of course you need a distinction between doing system things as
>>> root, and working as a normal user. You just don't need sudo.
>>
>> I just don't see the distinction. What's the difference between having
>> to type in a root password and having to type in your own administrative
>> user password? Guess we're all just struggling to understand your logic
>> here.
>>
> One big distinction is that you need to know two passwords to get root
> access if there's a real root account as opposed to using sudo. This
> only applies of course if direct root login isn't allowed (via ssh or
> whatever).
>

Bah humbug, this has reminded me of doing secure work whereby each individual had two passwords, both of which had to be changed every thirty days, and rules were enforced so you couldn't just increment the number at the end of a word or similar.

-- 
My fellow Pythonistas, ask not what our language can do for you, ask what you can do for our language.

Mark Lawrence