this post was submitted on 15 Aug 2023
41 points (100.0% liked)
Linux
48012 readers
869 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
#!/usr/bin/env zsh
is better for portability/compatibility. You can set the root shell as whatever you want (including zsh). Leaking the user context withsudo -s
is generally a bad idea. Unless you actually share a system with multiple users, I'd advise to set a root password and usesu -
in favor ofsudo -i
orsudo -s
. Two (proper) passwords are more secure than one.edit: typo
My collegues wouldn't appreciate my shell config in the root account, especially the vi bindings ;)
I understand the motivation of using the user environment in the root context. It's still a bad idea. The assumption is, that it is easier to compromise a non-privileged desktop user than the root account. Imagine some exploit breaking out of a sandbox and doing some minor modifications to your $HOME: either aliasing
ls
to a script somewhere in your home by changing your profile or some shell rc file, or prepending your $PATH environment variable with a folder burried somewhere in your home directory where a scriptls
is placed:Now, as an attacker you just wait for some admin on a shared system to come along and use
sudo -s
.