Re^7: [RAKU] How to install zef on Ubuntu 22.04

” I'm the server's admin, and only user...”

That's not good. Not good at all. It's actually a big mistake. But you can still change it. Create a user polyglot or whatever. And sudo is your friend. You probably also log in as root via SSH, yes? Not good either. Turn that off. Logging in with keys is not a bad idea either. My provider has been doing this recently. And in the company I was last at (and in all the others too) this was the usual procedure. And corion has already said it: Install such stuff in your home - or in that of any other user for this purpose.

«The Crux of the Biscuit is the Apostrophe»

Comment on Re^7: [RAKU] How to install zef on Ubuntu 22.04

Replies are listed 'Best First'.
Re^8: [RAKU] How to install zef on Ubuntu 22.04 by Polyglot (Chaplain) on Dec 28, 2023 at 18:44 UTC
I login as my home user, then upgrade to root as necessary. The way the server is setup, no one is able to enter remotely as root (I think it's possible with console access--but any hacker with physical access cannot be stopped from basically whatever, anyhow). Yes, I use SSH...don't virtually all server admins? I have a few tricks up my sleeve for server security, though. I've only been successfully hacked once--many years ago when I was a bit wetter behind the ears. In that case, it was a security hole in PHP. I just don't bother using anything with PHP anymore (at least, not public-facing). Who needs PHP when perfectly able to program in Perl? :) I use keys for some things, but consider them to be a security risk of a different sort, e.g. if someone steals my laptop that has my keys on it....well, there goes access to my servers, too, if the thief has tech savvy. As for my Raku setup, I am wanting to use Raku for my public-facing CGI scripts. Putting it in my home dir makes little sense to me. Someone will have to be more detailed in explanation to help me grasp what sort of security risk I'd be mitigating by doing so...and why there would not be an equally negative risk to my /home/user materials. I note that Perl never needed to be installed in my home dir. Blessings, ~Polyglot~	[reply]

Replies are listed 'Best First'.

Re^8: [RAKU] How to install zef on Ubuntu 22.04
by Polyglot (Chaplain) on Dec 28, 2023 at 18:44 UTC

Yes, I use SSH...don't virtually all server admins?

I have a few tricks up my sleeve for server security, though. I've only been successfully hacked once--many years ago when I was a bit wetter behind the ears. In that case, it was a security hole in PHP. I just don't bother using anything with PHP anymore (at least, not public-facing). Who needs PHP when perfectly able to program in Perl? :)

I use keys for some things, but consider them to be a security risk of a different sort, e.g. if someone steals my laptop that has my keys on it....well, there goes access to my servers, too, if the thief has tech savvy.

As for my Raku setup, I am wanting to use Raku for my public-facing CGI scripts. Putting it in my home dir makes little sense to me. Someone will have to be more detailed in explanation to help me grasp what sort of security risk I'd be mitigating by doing so...and why there would not be an equally negative risk to my /home/user materials. I note that Perl never needed to be installed in my home dir.

Blessings,

~Polyglot~

[reply]