You are Here:
Install Updates Gimp Error - see Security & Bug Fixes Section Sticky



Security - LL has one password - other distros can have more ...

Author (Read 1119 times)

0 Members and 1 Guest are viewing this topic.

Security - LL has one password - other distros can have more ...
« on: February 17, 2018, 09:04:33 AM »
 

m654321

  • Gold Level Poster
  • *******
  • 863
    Posts
  • Country: gb
  • Reputation: 82
  • Linux Lite Member, 'Advocate' & Donator

  • Linux Lite: 3.8 64bit

  • CPU: Intel Core T7100@1.8GHz (2cores) on a Dell Latitude D630

  • MEMORY: 4Gb

  • VIDEO CARD: Intel GM965/GL960 Integrated Graphics Controller
I was wondering the other day how security works with LL and the privileges/access to computer that the password provides.


LL has 1 password which is used to login with - the same password is used as a root/admin password. How does that work? Surely having the same password for both means that the distro is therefore vulnerable as permission is given, following logon, for anything out there to make changes to your computer ... ???

Comparing with two other distros that I have been using:
 
PCLinuxOS has 3 passwords: a Security password (for allowing changes to grub); a Root or Admin password, and a separate Login password.

Manjaro has 2 passwords: one for Login and one for Root/Admin privileges.
Last Edit: February 17, 2018, 01:00:44 PM by m654321
Linux-user since 2014. 64bit OS installed in Legacy mode on MBR (msdos/ext4) formatted SSDs (except the pi which uses a micro SDHC card):
2017 - Raspberry pi 3B (4cores) ~ Arm710@1.2GHz - LibreElec, used for upgrading our Samsung TV (excellent for the task)  
2012 - Lenovo G580 2689 (2cores; 4threads] ~ i3-3110M - LL3.8/Win8.1 dual-boot (LL working smoothly)
2011 - Samsung NP-N145 Plus (1core; 2threads) ~ Intel Atom N455@1.66GHz - Slitaz5 rolling (tried LL3 series but lagged)
2008 - Asus X71Q (2cores) ~ Intel T3200@2.0GHz - LL4.4/Win8.1 dual-boot (LL working beautifully)
2007 - Dell Latitude D630 (2cores) ~ Intel T7100@1.8GHz - LL3.8/Win8.1 dual-boot (LL really zippy!) - my daily driver  :-)
 


Re: Security - LL has one password - other distros can have more ...
« Reply #1 on: February 17, 2018, 09:25:26 AM »
 

bitsnpcs

  • Platinum Level Poster
  • **********
  • 3185
    Posts
  • Country: 00
  • Reputation: 300

  • Linux Lite: 3.2 64bit
Hello m654321,

you can change this if you wish -

Menu>All>Lite user Manager

create a new user highlight this new user name, and in the right pane of GUI, click to untick the "adm"?

Save changes.
Last Edit: February 17, 2018, 10:20:07 AM by bitsnpcs
 

Re: Security - LL has one password - other distros can have more ...
« Reply #2 on: February 17, 2018, 09:38:15 AM »
 

trinidad

  • Platinum Level Poster
  • **********
  • 1003
    Posts
  • Country: us
  • Reputation: 178
  • Linux Lite Member
    • dbts-analytics.com

  • Linux Lite: 4.4 64bit

  • CPU: AMD A8 5500 4 cores

  • MEMORY: 8Gb

  • VIDEO CARD: AMD/ATI Radeon HD 7560D
Being a regular Debian user with several computers networked together and nodes for random attachment I have always used a root password and user login password and no sudo users. Opinions vary on this subject but a lot of what is discussed on this link goes to the real problem of sudo users on a network. It is important to remember that home users, and small business users really don't have to worry about security of the scope that large businesses do. On a large network it can be argued that more privilege escalated files means more security risk so in that sense sudo is a nuisance. It is also important to remember that any unencrypted system can be hacked into bypassing all the passwords anyway, Linux, Windows, and MAC usually with nothing more than an Ubuntu live disk. Also updates to the root file system load in a root shell, that is they happen in the background on a sudo system without a root password installing when you reboot unseen by you. Some administrators don't like that either, given that it is not simple to interrupt them and that things could be missed.

https://www.beyondtrust.com/blog/unix-linux-privileged-management-should-you-sudo-heres-what-it-does-and-why-its-not-enough/

TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
 

Re: Security - LL has one password - other distros can have more ...
« Reply #3 on: February 22, 2018, 06:13:51 AM »
 

m654321

  • Gold Level Poster
  • *******
  • 863
    Posts
  • Country: gb
  • Reputation: 82
  • Linux Lite Member, 'Advocate' & Donator

  • Linux Lite: 3.8 64bit

  • CPU: Intel Core T7100@1.8GHz (2cores) on a Dell Latitude D630

  • MEMORY: 4Gb

  • VIDEO CARD: Intel GM965/GL960 Integrated Graphics Controller
@bitsnpcs
@trinidad
Many thanks to you both for your replies. Based on what you've said, I guess as a home-user on a home network (not a public or work-based one), and the only user of this PC, the risk in using the same password for login & admin (using sudo command) is relatively low.  However, I do feel more secure with having different login and admin (root) passwords and might set this up when I have a bit of time - if I get stuck I'll come to you later for help  8)

Do either of you have different passwords for login and admin (root) on LL?

Mike
Last Edit: February 22, 2018, 06:44:11 AM by m654321
Linux-user since 2014. 64bit OS installed in Legacy mode on MBR (msdos/ext4) formatted SSDs (except the pi which uses a micro SDHC card):
2017 - Raspberry pi 3B (4cores) ~ Arm710@1.2GHz - LibreElec, used for upgrading our Samsung TV (excellent for the task)  
2012 - Lenovo G580 2689 (2cores; 4threads] ~ i3-3110M - LL3.8/Win8.1 dual-boot (LL working smoothly)
2011 - Samsung NP-N145 Plus (1core; 2threads) ~ Intel Atom N455@1.66GHz - Slitaz5 rolling (tried LL3 series but lagged)
2008 - Asus X71Q (2cores) ~ Intel T3200@2.0GHz - LL4.4/Win8.1 dual-boot (LL working beautifully)
2007 - Dell Latitude D630 (2cores) ~ Intel T7100@1.8GHz - LL3.8/Win8.1 dual-boot (LL really zippy!) - my daily driver  :-)
 

Re: Security - LL has one password - other distros can have more ...
« Reply #4 on: February 22, 2018, 06:33:59 AM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 7074
    Posts
  • Country: nz
  • Reputation: 662
  • Linux Lite Member
    • Linux Lite OS

  • Linux Lite: 3.8 64bit

  • CPU: Intel Xeon Dual CPU's E5645 2.4GHz 12 Cores

  • MEMORY: 16Gb

  • VIDEO CARD: nVidia GeForce GTX 960
In an operating system that targets Windows users, we will only offer the one master password. See trindads post for more info/logic.

Sent from my Mobile phone using Tapatalk

 

Re: Security - LL has one password - other distros can have more ...
« Reply #5 on: February 22, 2018, 10:14:48 AM »
 

bitsnpcs

  • Platinum Level Poster
  • **********
  • 3185
    Posts
  • Country: 00
  • Reputation: 300

  • Linux Lite: 3.2 64bit
Do either of you have different passwords for login and admin (root) on LL?

Mike

Hello,

I use no password for login or indeed no login screen on LL.
I use only the single master password as @Jerry explains on LL.

When I'm afk I unplug the ethernet cable from the router, the desktop has no wifi or bluetooth card inside.
Last Edit: February 22, 2018, 10:27:34 AM by bitsnpcs
 


 


Install Updates Gimp Error - see Security & Bug Fixes Section Sticky