security - Why is it safer to set up users? - Ask Ubuntu


everyone telling me using users make server lot safer. why it?

if have root account , 1 user, have 2 ways enter vps.
if has root password still can it. user password can make changes well.

if use root account, have 1 account can hacked/leaked. of course, hacker total access access if hacked root of server users.

edit: if create users, create them for? i'm webdeveloper , host websites on server. have create new user each website , each program install or should create 1 user can with?

your password not going "hacked" or "leaked".

if you're worried attacks, more plausible thing attacker may use zero-day vulnerability execute code on server, typically privileges of user running vulnerable program. if vulnerabile program run root, attacker can whatever wants on system. is, remember, without ever having obtain password.

if, on other hand, process run ordinary user, attacker constrained user can do, , in particular not able read or modify file user cannot access.

for simple web development server, not need create account other 1 use log on machine. web server process run account created automatically (e.g.,www-data apache)


Comments

Post a Comment

Popular posts from this blog

download - Firefox cannot save files (most of the time), how to solve? - Super User

this not full duplicate of this question or this question , though base question same. however, questions have no answers. for on half year have problems downloading files firefox. when click on download link, download dialog opened asking me do, save or open it. immediately, there error/warning pop-up (twice, can see 1 @ first) ok button. looks this message : "c:\users\%user%\appdata\local\temp\wbbdv9k8.zip.part not saved because source file not read. try again later or contact server administrator." replace '%user%' name of user trying download. after closing pop-up, download dialog disappears , have minimize firefox , open again, see other pop-up. downloading exact same file internet explorer work, not desired. i tried solutions here . tried solutions here . tried disabling extensions. tried fixing permissions on temp folder. tried making files , folder in profile directory non-readonly. tried running firefox administrator. tried ...
Read more

windows - "-2146893807 NTE_NOT_FOUND" when repair certificate store - Super User

i try repair certificate store in windows 10 doing c:\windows\system32>certutil -store -user ‎330000019dba8d5dddb98062a900000000019d "personal" certutil: -store command failed: 0x80090011 (-2146893807 nte_not_found) certutil: object not found. i have double check mmc, certificate details serial number of certificate. still fail repair certificate store. can please help? i getting same error when trying export pfx. turns out had export c:\cert.pfx instead of cert.pfx (it trying export file cert store ( cert:\localmachine\my ).
Read more