A recent' Global Announcement' in the Ubuntu Forums has no doubt given many people cause for concern. The announcement entitled ' ATTENTION ALL USERS: Malicious Commands ' notes that there has been an increase in the number of malicious commands masquerading as friendly advice to new users being posted in the forums. There are an estimated 3 to 6 million Ubuntu users in the world today and the number is increasing rapidly due to the distributions' high profile and legendary ease of use. Given this tidal wave of adoption, it is not surprising that some flotsam and jetsam has washed up on the beach. As script-kiddies chortle with schoolboyish glee at their latest 'rm -rf' posting, perhaps it is time to consider increasing security.
I have never been entirely at one with the decision to scrap the old Unix division between 'root' and non-privileged users. Of course Ubuntu doesnt entirely abandon it either but it does dilute it significantly. Entering the root password before issuing system commands is a far more sobering prospect then simply typing 'sudo' and reissuing your normal pass. It conveys a more acute impression of the gravity, and perhaps finality, of what you are about to do. This is my real complaint. The Ubuntu way of doing things trivializes system administration in the interests of usability. I know that it is claimed that there are security advantages to this arrangement but the fact that the root password is never exposed on the network does not compensate, in my view, for the shortcomings of this approach.
What if you are the 'sysadmin' on a family machine which has multiple users? It is to be hoped that all these bright new shiny Everex 200 machines are going to homes where there is at least one person who is prepared to master the basics of system security. How can you prevent grandma or the kids from being taken in by one of these rogue forum postings? The easiest way in my opinion is to bring your Ubuntu 'box' in line with the vast majority of Linux and Unix distros and issue a root password which will be known only to you ( the 'benevolent dictator' ) and strip all other users of their admin privileges.
In order to do this you simply open a terminal and issue the following command:-
sudo passwd root
You will be asked for your normal login password. Enter it. You will be asked for a new Unix password for 'root'. Enter it and confirm when prompted. Then open users-admin and click on each individual user entry. Go to the 'User privileges' tab and uncheck 'Executing system administration tasks'. This will disable access to the system commands in /sbin for normal users and vastly decrease the scope of other commands to do damage to your system.
It will perhaps be objected that normal users can be denied access to system commands without resurrecting the old 'root' password arrangement. I agree, but I happen to think that the old system is the best.
If you follow this advice there are two things that you will need to remember:-
1. NEVER lose or forget your root password.
2. You will need to learn the names of all those programs in the 'System' > "Administration" menu because you will need to su to root in a terminal and issue the appropriate command there in order to open them.
No comments:
Post a Comment