Skip to main content

DONT - Sudo without password

Reading this post, I feel the urge to burst out. This kind of tweaking is not really *adminy* . A true Admin would rather kill the terminal he sudo-ed in, to be even sure.

Enabling your user to become a sudo-er is a privilege. Like in the movie, Spider-man - Great power comes with great responsibility. The extra prompt for password might be a little annoying for frequenters. But completely overriding it is appalling at best, if not awful abuse of the said privilege.

For all the interns who joined as admins, a friendly advice - security defaults have a place in unix. They are set after a lot of research in usage (especially by admins before you). So leave them alone, as much as you can. Security is not for ease of use. The harder a password the better, so read that post with admonition.

For the new *nix users - If you just want to do this, Dont bother installing *nix. Go with an easy mac or better yet, stick with Windoze ME (I am rude, am I not?).

Well that feels happy now. I had a stressful week, taking our new web services into production. (Sorry for the guy who wrote the post - This reply is only to emphasise the importance of security, your tip has nothing to do with measuring your performance.. good luck)
Labels:

Popular posts from this blog

Powered By

As it goes, We ought to give thanks to people who power us. This page will be updated, like the version page , to show all the tools, and people this site is Powered By! Ubuntu GIMP Firebug Blogger Google [AppEngine, Ajax and other Apis] AddtoAny Project Fondue jQuery
Read More >>

Decorator for Memcache Get/Set in python

I have suggested some time back that you could modularize and stitch together fragments of js and css to spit out in one HTTP connection. That makes the page load faster. I also indicated that there ways to tune them by adding cache-control headers. On the server-side however, you could have a memcache layer on the stitching operation. This saves a lot of Resources (CPU) on your server. I will demonstrate this using a python script I use currently on my site to generate the combined js and css fragments. So My stitching method is like this @memize(region="jscss") def joinAndPut(files, ext): res = files.split("/") o = StringIO.StringIO() for f in res: writeFileTo(o, ext + "/" + f + "." + ext) #writes file out ret = o.getvalue() o.close() return ret; The method joinAndPut is * decorated * by memize. What this means is, all calls to joinAndPut are now wrapped (at runtime) with the logic in memize. All you wa
Read More >>

One page Stock

Alright.. That was a long absence. The whole last week I dint blog. I dint go away. I was "occupied". I was learning stock trading. Its very fascinating. I have a good weeeked blog for you all. Here is my experience. I can literally hyper-link every word from the following paragraphs, but I am writing it as simple as I can so you can look up the italicised words in wikipedia . I got a paper trading account from a brokerage firm . You need one brokerage account first. Then it can be an Equity account where all your money is yours or a Margin account , where some of the money is lent by the brokerage firm. Then I get Buying power , which is the dollor value of how much stocks you can buy. I can make profit by simple rules. Buy when Price is low. Sell when price is high. There is another more intersting way of earning money. Selling short . Thats when price is not high, per say, but when are confident that the price WILL go down. then buy back when its lowest. This is what
Read More >>