Skip to main content

DONT - Sudo without password

Reading this post, I feel the urge to burst out. This kind of tweaking is not really *adminy* . A true Admin would rather kill the terminal he sudo-ed in, to be even sure.

Enabling your user to become a sudo-er is a privilege. Like in the movie, Spider-man - Great power comes with great responsibility. The extra prompt for password might be a little annoying for frequenters. But completely overriding it is appalling at best, if not awful abuse of the said privilege.

For all the interns who joined as admins, a friendly advice - security defaults have a place in unix. They are set after a lot of research in usage (especially by admins before you). So leave them alone, as much as you can. Security is not for ease of use. The harder a password the better, so read that post with admonition.

For the new *nix users - If you just want to do this, Dont bother installing *nix. Go with an easy mac or better yet, stick with Windoze ME (I am rude, am I not?).

Well that feels happy now. I had a stressful week, taking our new web services into production. (Sorry for the guy who wrote the post - This reply is only to emphasise the importance of security, your tip has nothing to do with measuring your performance.. good luck)

Popular posts from this blog

Powered By

As it goes, We ought to give thanks to people who power us. This page will be updated, like the version page , to show all the tools, and people this site is Powered By! Ubuntu GIMP Firebug Blogger Google [AppEngine, Ajax and other Apis] AddtoAny Project Fondue jQuery

Decorator for Memcache Get/Set in python

I have suggested some time back that you could modularize and stitch together fragments of js and css to spit out in one HTTP connection. That makes the page load faster. I also indicated that there ways to tune them by adding cache-control headers. On the server-side however, you could have a memcache layer on the stitching operation. This saves a lot of Resources (CPU) on your server. I will demonstrate this using a python script I use currently on my site to generate the combined js and css fragments. So My stitching method is like this @memize(region="jscss") def joinAndPut(files, ext): res = files.split("/") o = StringIO.StringIO() for f in res: writeFileTo(o, ext + "/" + f + "." + ext) #writes file out ret = o.getvalue() o.close() return ret; The method joinAndPut is * decorated * by memize. What this means is, all calls to joinAndPut are now wrapped (at runtime) with the logic in memize. All you wa...

How to Make a Local (Offline) Repository in Ubuntu / Debian

If you are in a place where you dont have internet (or have a bad one) You want to download .deb packages and install them offline. Each deb file is packaged as a seperate unit but may contain dependencies (recursively). apt-get automagically solves all the dependencies and installs all that are necessary. Manually install deb files one by one resolving each dependency would be tedious. A better approach is to make your own local repository. Before you actually make a repo, You need *all* deb files. You dont practically have to mirror all of the packages from the internet, but enough to resolve all dependencies. Also, You have to make sure, you are getting debs of the correct architecture of your system (i386 etc) # 1. make a dir accessible (atleast by root) sudo mkdir /var/my-local-repo # 2. copy all the deb files to this directory. # 3. make the directory as a sudo dpkg-scanpackages /var/my-local-repo /dev/null > \ /var/my-local-repo/Packages # 4. add the local repo to sour...