Le 30-03-2025, Farley Flud <
ff@linux.rocks> a écrit :
On 30 Mar 2025 13:49:04 GMT, Stéphane CARPENTIER wrote:
>
>
I think that's considered bad practice,
Of course it is.
>
No, it's not bad practice.
Of course it is. Your inability to understand what happens on your
computer doesn't change the facts.
My machine belongs only to me and running as root is the
ONLY sensible option.
In fact, no. Running as root some commands like "rm -rf /*" is what you
describe and anyone can say that. Now, when you run tcpdump, your are
using data coming from Internet. You don't control the data coming from
Internet, you can believe/pretend whatever you want, it's a fact. So if
someone sends data mean to breach tcpdump, running it as root just grant
him the full power of your computer without any need to escalate
privileges. That's why it's called bad practice.
Now, you claim/believe what you want, I don't care. The fact remains:
your computer belongs to anyone able to send you data as much as it
belongs to you. The best protection for your computer is being managed
by your clumsy hands which make it closer to a brick than to a computer.
As long as the joke you are using as a computer remains useless, it's
protected against any attack from the outside world. But be careful: the
day you learn enough to make it run like a real computer, it will be
used by others. Even if you can't see it.
I have been through this discussion with many others in the
past and none of them could ever explain how running as
root could lead to "exploits."
Because you don't understand how a computer works. It's not running as
root which leads to exploit. Running as what you want can lead to
exploit if you don't control the inputs. And with tcpdump, you don't
control the input. By design. Because, by design, tcpdump manages what
others send to you as much as what you send to others. And you can't
control others, so you can't control what others send to you. That's a
simple fact. Your inability to see it is telling. So, there is no way
you can control tcpdump inputs. So running tcpdump, by itself, can lead
to exploit. And if tcpdump is running as root it has the full control of
your computer. That's why it's bad practice: you just facilitate the way
of the hacker.
You can sanitize data as you want, you still don't control them. And I
read enough of your messages to know that you certainly don't sanitize
your inputs of tcpdump. I'm not saying you should, because if you did,
you wouldn't be able to analyse it. But I'm pretty sure you can't use
tcpdump for real: you are only able to launch it claiming you are a
master of your computer. So you can't sanitize your data, you can't
understand the outputs of tcpdump and nothing you can do would change
that. So, the only fact that remains is: if someone was sending data
designed to pawn tcpdump, you would grant him full control of your
computer and you would never realize it. Good job.
Can you? Ha, ha, ha, ha!
Of course, I can. Now, the real question is: can you understand my
simple explanation? I seriously doubt it.
They, like YOU, are just parrots that mimic what they've
been told. They have no understanding.
You are the one unable to understand the reason why it's bad practice.
Not me. Don't switch sides. You are the one unable to understand why
it's considered bad practice.
They, like YOU, accept whatever their distro gives them.
You already proved you know nothing about distros, so you can't know how
I use mine. You can't know what mine allows me to do neither. And there
is no relation between a distro of choice and the way one use tcpdump.
So this sentence is like you: garbage unrelated to any technical
discussion.
I have been running as root since the very beginning and
I will continue to run as root until the very end -- and
there have been and there will be no fucking consequences.
I know. I already answered that stupidity. You are stuck in the past,
so, you can't understand that malware evolved since you first heard
about them. At the beginning, the viruses were destroying your computer.
Today, they are using it. Because destroying your computer could be fun
but useless when using it can bring money. As you don't really use your
computer, if someone was taking control of it you wouldn't realize it.
You computer is either probably part of a botnet. It can be either
mining bitcoins for others or trying to attack banks. Or both at the
same time. For the bank part, if the cops are coming to your house,
you'll be aware of it. You can't be able to to see it. Thirty years ago,
when someone took control of your computer, you realized it the hard
way. Now, it's using your computer and you don't realize it.
Good job for giving the power of your computer to others. It's nothing
to you and it's money for others. You should be proud of granting a way
to others to get money thanks to your computer without you realizing
it.
You probably wish that you could run as root,
I don't wish it. I have no need for that.
but you don't know how to do it.
I can do it if I want to: "sudo su -" and it's done. So, I just proved
your sentence is a lie provided by an incompetent Linux user. Because
anyone knows how to run as root. Even if you are unable to understand
why I put a dash at the end of my command. It's just plain stupid for
most of the cases, there is nothing to wish for. There is only basic
knowledge of Linux, which you clearly don't have.
Your distro makes the decisions and you just follow like a sheep.
Once again: you don't know what a distro is, you don't know how a distro
works and you don't know how I use my distro. So, this sentence is just
like you: a bag full of shit.
You are just another helpless distro lackey that cannot
control his own machine.
Once again: I'm not the one complaining against freedesktop, systemd,
python and wayland. Unlike you, I'm using my computer as I want. So,
once again: don't switch sides. You are the Windows fanboy unable to use
efficiently Linux.
-- Si vous avez du temps à perdre :https://scarpet42.gitlab.io
Please List Your Open Ports
Re: Please List Your Open Ports