Tauno Voipio wrote:
> sfd@sdf.com wrote:
>> Hi
>>
>> I've just installed a new system with Suse linux 10.0 and spent about 6
>> weeks configuring it. I did everything with the root user (daily work,
>> internet, program installation...). I'm now in the process of setting
>> up a
>> 'normal' user to work with. I wonder though if it is not too late and
>> if my
>> system might have already been compromised.
>>
>> Apart from 2-3 system crashes and occasional slow-down (which could well
>> have been linked to 'benign' software/hardware problems), I didn't
>> experience anything wrong.
>>
>> My question really is: Can I now safely create and work with a new
>> 'normal'
>> user or do I need to reinstall everything (and only user root for such
>> things as packet installations)? As I spend a lot of time going through
>> the installation and configuration of new software, I'm not keen on
>> reinstalling everything. Is there a way to find out if my PC is
>> compromised? :-)
>
> If there is not much done after the installation, or you can afford
> to lose your changes, do a re-install. The check is more tedious, and
> it always leaves the little nagging feeling, if something went
> unnoticed.
>
> In case of doubt - wipe the thing and re-install it. This time,
> please create the normal user at once, and do not allow SSH root
> logins.
>
Utter tosh.

Just go and set up a normal user.

If things don't work, use root to fix them.

Its more likely you will cerate things that CAN'T be used by a normal
user when acting as root, than you will create things that ANYBODY can
access regardless.

If security is a worry for you, rather than a way to impress other
people with spurious second hand half baked opinions..then take the time
to understand how Unix and Linux security actually works.

And don't take anyones word for it other than the manuals. Including mine.