gpsd-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration"


From: Michael J. Tubby B.Sc. MIET
Subject: Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration"
Date: Fri, 15 Jan 2021 20:26:24 +0000
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1



On 15/01/2021 18:19, Gary E. Miller wrote:
Yo Bernd!

On Fri, 15 Jan 2021 16:03:17 +0100
Bernd Zeimetz <bernd@bzed.de> wrote:

On 1/15/21 3:15 AM, Gary E. Miller wrote:
    "Sudo? Sudon't!"

        https://gpsd.io/ubxtool-examples.html#_sudo_sudont  
lines like

sudo is "Security Theater". Having sudo enabled on a computer makes it
demonstrably less secure.
If you must be root, then become, and stay root. Just sudon’t.
Not opinion.  Fact.

are your personal opinion and have nothing to do with gpsd. Nothing
that should be in a documentation about gpsd. I'm sure there is some
linux best practices book where they belong into.
I guess you have ot been following along.  The top 3 problems gpsd
users have are:

1. systemd
2. apparmor
3. sudo

sudo has been especially problematic when used with ubxtool.


chmod u+s ubxtool        ?



That makes it a gpsd problem.

Instead I'd suggest that you check the uid in ubxtool and fail if
somebody tires to run it as root, maybe add a --yes-i-know-what-i-do
flag to force running it as root.
I hate it when programs do that.  No reason at all that ubxtool should
not be run as root.  Should I make that more clear in the text?

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem@rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin

--

Michael J Tubby B.Sc. (Hons) MIET / Technical Director
Email: mike.tubby@thorcom.co.uk
Direct: +44 (0)1905 752892
Mobile: +44 (0)7973 225144

Thorcom Systems Limited
Office: +44 (0)1905 756 700
Unit 4, 96B Blackpole Trading Estate West, Worcester, WR3 8TJ, England, UK
Registered in England & Wales 02704696 / VAT Number GB487925681

This email and any attachments to it may be confidential or legally privileged and are intended solely the individual to whom it is addressed.
If you are not the intended recipient of this email, you must not take any action based upon its contents or disclose its contents to any third-party.
This email footer is intended to identify the sender and does not constitute a signature or agreement to enter into any form of legally binding contract.
While the author has taken reasonable care in the preparation of this email Errors and Omissions Excepted (E&OE).
Any views or opinions expressed are those of the author and do not necessarily represent those of Thorcom Systems Limited.
Please contact the sender if you believe you have received this email in error.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]