Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Order Openwall GNU/*/Linux 2.0 on a CD with delivery worldwide
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Mon, 2 Apr 2007 03:08:28 +0400
From: "Dmitry V. Levin" <ldv@....openwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: Owl-based desktop environment

Hi,

On Sun, Apr 01, 2007 at 06:04:08PM +0400, Grigoriy Strokin wrote:
[...]
>   1) Which RPM set with a wide range of useful applications
>      should I use? 
>      I tried downloading Fedora Core 6 i386 RPMs, but they require
>      GLIBC-2.4. Then I tried 
>        rpm --replacefiles --nodeps -U glibc-2.5-3.i386.rpm
>      but then PAM modules stopped working and it was even impossible to
>      login. So I downgraded to libc-2.3.6.so. Should I use RPMs from
>      older versions of Fedora?

Owl-2.0 is closer to RHEL4 and FC3 from compatibility point of view.

>   3) Later I used sudo, but now I know it is not a good idea
>      to use su/sudo to root as a non-privileged user.
>      So, what is the right way to get admin's privileges while working
>      locally in X Window as grg? 
>        ssh r_grg@...alhost ? 
>      What about using passwords?

I would say that user->root privilege escalation is not secure in general,
no matter how do you gain privs.  Consider login as privileged user using
new virtual console.


-- 
ldv

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux