• Geodad@lemm.ee
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    5 hours ago

    You should never use “sudo su”. That’s a big security no-no.

    ~$ sudo apt update

    [sudo] password for {your user name}:

    -command executes-

    ~$

    • Endymion_Mallorn@kbin.melroy.org
      link
      fedilink
      arrow-up
      1
      ·
      3 hours ago

      Does that1 security no-no matter on a single-user system which (almost) never leaves the sight of said user? Or is that just a matter of ‘don’t do this on a server’?

      • Geodad@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 hours ago

        It’s not a good habit to get into. Even if you don’t have anyone at homebto mess with your system, these kinds of habits tend to follow people around. You’ll get comfortable at work and run something as root, but forget to deescalate permissions.

        Just using sudo as your user runs only that command or script as root, then drops back to your limited user account.

        Say you got busy or distracted and walked away, anyone who was able to access your system between the end of the command and the time your system auto locked would only have the access level of your user.