**orionwl** @orionwl@x0f.org · Jan 27, 2021, 06:47

**orionwl** @orionwl@x0f.org · Jan 27, 2021, 06:47

orionwl @orionwl@x0f.org

Jan 27, 2021, 06:47

@emil sure, that definitely increases attack surface

but this issue made me realize i don't particularly need a 'run as root' command, for the rare things i need to do system-wide i can just login as root

**kekcoin** @kekcoin@bitcoinhackers.org · Jan 27, 2021, 08:23

**kekcoin** @kekcoin@bitcoinhackers.org · Jan 27, 2021, 08:23

Jan 27, 2021, 08:23

kekcoin @kekcoin@bitcoinhackers.org

@orionwl @emil isn't allowing root login considered a security bad practice also?

**orionwl** @orionwl@x0f.org · Jan 27, 2021, 08:29

**orionwl** @orionwl@x0f.org · Jan 27, 2021, 08:29

Jan 27, 2021, 08:29

orionwl @orionwl@x0f.org

@kekcoin @emil i think that's a leftover from the time that brute forcing passwords was a thing

i never use ssh password based authentication at all (always keys, stored on external token when possible)

locally, logging in as root with a password seems fine

**Peter Todd** @pete@petertodd.org · 2021-01-27T08:38:43Z

Peter Todd @pete@petertodd.org

@orionwl @kekcoin @emil@x0f.org On Qubes, sudo doesn't require a password at all. Good document describing why: https://www.qubes-os.org/doc/vm-sudo/

Kinda a meta version of your "don't need a 'run as root'" argument!

Jan 27, 2021, 08:38 · · Web · · ·

**kekcoin** @kekcoin@bitcoinhackers.org · Jan 27, 2021, 11:08

**kekcoin** @kekcoin@bitcoinhackers.org · Jan 27, 2021, 11:08

Jan 27, 2021, 11:08

kekcoin @kekcoin@bitcoinhackers.org

@pete @orionwl @emil Well, that argument only holds in that specific usecase. Also PolKit isn't to blame for X11's flaws, right?

Trending now

Resources

Developers

What is Mastodon?

petertodd.org

More…