Web lists-archives.com

Re: apache2: Could not open configuration file /etc/apache2/apache2.conf: Permission denied




On Tuesday 16 October 2018 05:56:31 Jonathan Dowland wrote:

> On Tue, Oct 16, 2018 at 10:09:39AM +0200, Martin wrote:
> >>     sudo su - www-data -s /bin/sh
> >
> >Don't use sudo with su. It is evil.
> >You want to use 'sudo -i' in this case.
>
> Fascism is evil. This is just unnecessary.
>
> (I'm guilty of still typing "sudo su -" via muscle memory even after
> your messages on the subject. I asked a former UNIX sysadmin colleague
> of mine and he does the same. We suspect that it was from our days
> supporting Solaris, and a sudo that did not implement -i.)

Since leaving a sudo -i laying about is considered a security breach, I'm 
amazed that the -i option doesn't accept a timeout. Say in seconds, as 
if you think it will take 5 minutes to do the job as root, sudo -i300, 
at the ends of which it expires.  That makes more sense than 
the "-i"less 1/2 minute of inactivity to me. At least the exposure is 
limited to less time than it takes to refill your caffeine container and 
catch up on the gossip at the water fountain. ;-)

-- 
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>