In the process of reading a post by caf4926 I found out about Local Security Settings in Yast. It’s accessed like so Yast>Security & users>Local security.
One setting I found was under Miscellaneous settings click that & you get a box that allows 3 settings from a drop down:
1.Easy(default)
2.Secure
3.Paranoid
I set mine to secure then I couldn’t get access to any USBs!
So I put it back to easy.
What about you guys?
These settings are of course containers holding alot of individual settings and the one making them guessed that access to USBs for a worker is not secure in a company’s enviroonment (which is correct). What is your question? Either you take the general setting (and then ease or restrict the indivudual ones), or you use the individual one only (that is imho the same as choosing Easy and then varying on it).
Maybe the Secure and Paranoid settings are in accordance to some security standards, but that I do not know.
I did set a host to “secure” and found later on that it could no longer start the KDE environment. Well, this part of yast should be done right or yanked, I don’t care which one. Because setting “secure” needs quite some other things to be configured to make it work (see the /etc/permissions* files). At least it should warn the user and say so.
The predefined settings are a starting point, something to build from for your own system. They aren’t expected to work on all systems.
The Predefined sets are not your preferences, they are groups of settings thought to be a usefull starting point with usefull suggestions. When you click one you can go to Security Overview to see what is on/off now and assess what they mean in your case.
In any case, my idea is that Home workstation is what covers the most of us here, so why try the others when not out of curiosity? And when you do this out of curiosity, first write down what the status was in Security Overview (we call such behaviour: backup before you start meddling around), and then try to understand with an open mind why some settings are thought to be usefull security settings in a company’s workstation and/or server?
Paranoid effectively locks the system down so that you cannot use it for much. You can’t even launch yast to change back to 1.Easy(default) 2.Secure
You can Alt-F2 login as root and startx then launch yast and change the settings again. Its kind of a pickle for an in-experienced user. There should really be a big warning “Don’t use Paranoid without knowing what your doing!”.
Just a thought.
No need to startx from the console, just type
yast
and use the ncurses interface.
BTW you should never use anything (as administrator/root) without knowing what youa re doing lol!
Virtually any task done with root access has the potential to break the system if the user doesn’t know what he or she is doing. It’s up to the user to do some reading. There are warnings for “paranoid” in these forums and on Novell’s website.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The only time I use paranoid it lock the root access, graphical,
text, su… all root access, I’ve to use a live CD to change it to easy
again, secure don’t let me use virtualbox, so if you don’t really need
it and you really know what you do, I suggest do not touch it
VampirD
Microsoft Windows is like air conditioning
Stops working when you open a window.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
iEYEARECAAYFAkyP0s0ACgkQJQ+0ABWtaVnnUQCfbEf4FcbMHV0bzm9/FYXF9jKq
MXoAn2bwDw8lMbveqPtGv4zs1AOk1PC2
=zTCf
-----END PGP SIGNATURE-----
hcvv thanks for pointing that out. I’ve not used the ncurses interface. Makes good sense.