Comments (7)
Algo sets up a single user system, so this has only very little impact. If someone compromises your lower privileged user account, they would have total control of the machine anyway.
We'll take a second look at this later but it's not a priority right now.
from algo.
@dguido Algo sets up a single user system which is fine but that user should not be root, call it algo or strongswan instead - giving the user a prompt would be even better.
from algo.
@hasanakyol , are you suggesting to enter a password for sudo
while playbook works?
from algo.
@gunph1ld all i'm saying is that algo is a very nice piece of software and I appreciate the effort etc. My only suggestion is that when I wish to ssh in to the box for what ever reason i would prefer not to be root for obvious reasons, this account should be disabled. So once algo creates the droplet it should create a NEW user assign it sudo permissions and then use this NEW account to install and configure itself.
from algo.
In both scenarios, if someone takes over your user account (whether it is root or a different user with sudo) then they will gain total control of the VPN server. I'm not sure there is a large difference here. What are you trying to protect against? I disagree with you that it's obvious.
from algo.
You are much more prone to mistakes while working as root.
from algo.
What mistakes?
What is the difference between # rm -rf /
and $ sudo rm -rf /
?
Create another user with sudo rights is not necessary, the issue will not be approved.
from algo.
Related Issues (20)
- Vultr deployment does not work at all before specifying API key step HOT 2
- Deploying Algo vpn server with my existing droplet. Got error of permission denied..
- Error with BlobServiceClient from azure.storage.blob during deployment to Azure (on Windows with WSL2 running Ubuntu 22 LTS) HOT 2
- what is the process to switch to a different port? HOT 1
- algo scripts fails with a couple of errors on Debian 12.4 minimal net install HOT 3
- Installation failure "Deploy from script or cloud-init", Hostinger VPS Ubuntu 22.04 x64
- msg": "The 'file' lookup had an issue accessing the file 'configs/20.22.44.75/wireguard//.pki//private/phone'. file not found, use -vvvvv to see paths searched HOT 3
- After connecting Algo-VPN with Wireguard client from windows/linux/macos internet becomes very slow HOT 2
- Add support for MacOS Deployment
- algo installation failled to Save private keys
- Configuring Algo Server with NTP Daemon with firewalls to allow access only through the VPN tunnels.
- Installation fails under Ansible 9.1.0 with Hetzner Cloud HOT 1
- ansible 9.1.0 not available on gcloud shell
- consider updating gce warning about python 3.8
- ssh-tunnel per user ssh configs don't specify the custom algo port
- Azure Deployment ModuleNotFoundError: No module named 'azure.mgmt.rdbms.postgresql_flexibleservers' HOT 1
- ERROR! couldn't resolve module/action 'vultr_firewall_group'.
- Algo fails to deploy on OpenStack (DreamCompute optimised) HOT 1
- algo fails to deploy on Vultr HOT 1
- Error creating Vultr server in non-default region
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from algo.