Re: keylogger to interferret SUDO
That's just the deal. If you get in the habit of just clicking "yes" and you are either root (something Ubuntu goes out of the way to disable) or you have SUDO access (the first user, for example, or anyone you give admin rights to) then you ARE vulnerable.
Originally Posted by mike acker
BTW I'm a programmer but not a UNIX programmer. The event model I used is approximately correct, but I can't vouch for it.
Again, if you installed the system then it doesn't matter what your username is. If you can type your password to install updates, then you can also (possibly inadvertently) install malware which can affect your entire system.
but i don't see that happening in Linux,-- those privileged modules that are a problem in Windows should be running in "userland" as trusted programs in Linux -- which should help to reduce the paths available to an attacker. Ideally the ONLY way to install a program is via the Official Installer -- which requires the Administrator password,-- and hopefully a digital signature authenticating the distribution-- whether o/s update, or app.
If you're NOT that user, you can install software in your own user space which you can compile and run, and it will have access to anything YOU have access to. So you can thoroughly trash your own files.
It looks to me that for most of us if we just follow Linux recommendations our systems are not likely to get hacked.
The thing is, learn to look at advisories and read a few security howto's.
Help stamp out MBR partition tables. Use GPT instead!