Learning Linux
-
what prevents a rouge program that's running as me from doing that very thing and gaining root access since they don't have to type in a password?
-
@Dashrender said:
I'm building an ELK stack on CentOS 7.
The all you do is add your user to the "wheel" group. Wheel is the name of the administrators group. Has been in UNIX since the days of yore.
Then in the /etc/sudoers file you just uncomment the field that allows WHEEL access to ROOT with NOPASSWD.
-
@scottalanmiller said:
@Dashrender said:
I'm building an ELK stack on CentOS 7.
The all you do is add your user to the "wheel" group. Wheel is the name of the administrators group. Has been in UNIX since the days of yore.
Then in the /etc/sudoers file you just uncomment the field that allows WHEEL access to ROOT with NOPASSWD.
Thanks for that explanation - much better than just adding my name to the sudoers file - but I'm still wondering about the virus/malware protection.
-
@Dashrender said:
Thanks for that explanation - much better than just adding my name to the sudoers file
Yes, that really should not happen. Not realistically.
-
@Dashrender said:
but I'm still wondering about the virus/malware protection.
Don't go around browsing websites from your server. Problem solved
-
With User Account Control in Windows, if my user has local admin rights, I still get prompted (normally) so even if some malware is trying to run, if I get an unexpected prompt I should be wary and most likely deny the access.
Does something like that apply here? in a non gui, I'm not sure how it could. I'm probably over thinking it. In a CLI the only things that are running are those that I type.
As for someone gaining access to my account, I guess I just need to make sure I have a good password.
-
@Dashrender said:
With User Account Control in Windows, if my user has local admin rights, I still get prompted (normally) so even if some malware is trying to run, if I get an unexpected prompt I should be wary and most likely deny the access.
In Linux it will just fail, doesn't even prompt you.
-
@Dashrender said:
Does something like that apply here? in a non gui, I'm not sure how it could. I'm probably over thinking it. In a CLI the only things that are running are those that I type.
This is what sudo does. It's just proactive instead of reactive.
-
@Dashrender said:
As for someone gaining access to my account, I guess I just need to make sure I have a good password.
Or use a key. Or a key plus a password. Or add another for of two or even three factor authentication.
-
Make sure you are running fail2ban.
-
awesome, thanks...
-
Had to be done
-
-
Ubuntu uses the sudo group instead of wheel, for some reason. Just a crazy desire to be non-standard.
-
Where did wheel come from?
-
@Dashrender said:
Where did wheel come from?
https://en.wiktionary.org/wiki/big_wheel
big wheel (plural big wheels)
(idiomatic) A person with a great deal of power or influence, especially a high-ranking person in an organization. She's a big wheel at IBM. -
LOL - when I think of Big Wheels I think of a three wheeled vehicle for kids...
-
Using @scottalanmiller 's definition, I think of Big Wig, lol. Must be where my southern heritage shows, lol.
-
Why do so many instructions assume selinux is turned off? Don't you want it enabled to protect you?
That and fail2ban?
-
@Dashrender said:
Why do so many instructions assume selinux is turned off? Don't you want it enabled to protect you?
That and fail2ban?
Because they are lazy, as are most shops, andn so they just disable it.
Although to be fair, turning it off for an install and enabling again when done is fine. It's running operationally without it that is bad.
