[HN Gopher] Remove "This incident will be reported." from user w...
___________________________________________________________________
Remove "This incident will be reported." from user warnings
Author : sohkamyung
Score : 365 points
Date : 2023-04-29 12:25 UTC (10 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| barnbuilder wrote:
| Social media communities really ought to observe a "leave no
| trace" rule with respect to GitHub and other such spaces. This
| commit from February 2022 is now as of today littered with a
| bunch of joke comments from being linked from here and previously
| somewhere else earlier (based on timestamps).
| calebegg wrote:
| > Social media communities really ought to observe a [...] rule
|
| Oh honey....
| seydor wrote:
| They could at least have the option to report it to Santa
| juliangmp wrote:
| This makes me weirdly sad
| rbanffy wrote:
| Same. I like the surreally enigmatic message.
| DonHopkins wrote:
| Why can't I report all those idiots posting the letter "F" in
| github comments? ;)
| chewbaxxa wrote:
| They are just paying their respects.
| Symbiote wrote:
| What does F mean?
| drexlspivey wrote:
| It's a call of duty meme, at some point your character is
| at a funeral and F is the action button and there is a
| prompt on the casket "press F to pay respects"
| cobbal wrote:
| It's a low-effort addition to the dialogue, but it is a
| legitimate communication of a viewpoint. Who gets to draw the
| line of which comments should be nuked? (My view, the repo
| owner should (and maybe already has that power))
| tedunangst wrote:
| Why would somebody care about low effort dialog more than a
| year after the commit?
| klyrs wrote:
| Request a "F" emoji reaction instead.
| [deleted]
| pimlottc wrote:
| For those who may not be aware:
|
| https://amp.knowyourmeme.com/memes/press-f-to-pay-respects
| jon-wood wrote:
| Strong agree on that. One person doing so was possibly amusing,
| everyone else jumping on the wagon is just irritating noise,
| and I'm not even responsible for trying to sift through that
| for legitimate feedback.
| shadowgovt wrote:
| The point of the joke is that it's a bandwagon joke.
| 2OEH8eoCRo0 wrote:
| LGTM. The incident might not be reported, so that message may not
| be accurate.
| seanhunter wrote:
| Thank goodness. That was a terrible message. I remember my very
| first experience with unix was setting up Red Hat 3.0.3[1] at
| work for a small internet company in like 1997 and getting that
| message and just not knowing what on earth to do. There was no one
| in my company who could help me and all I had was a unix book
| from my local library which didn't even cover linux (but I sort
| of thought it would be helpful).
|
| [1] With the legendary 1.2.13 kernel
| johnisgood wrote:
| "This incident will be logged" may have been better.
| rbanffy wrote:
| "Your transgression has been noted and punishment may be
| dispensed accordingly".
| lamontcg wrote:
| "A disapproving God has noted your infraction, and Santa
| Claus has added an entry on the naughty list for you"
| rbanffy wrote:
| "There will be consequences"
| abnry wrote:
| Funny story. When I was in grad school, the math department
| office I was in had Linux computers administrated by the
| department. One day I was goofing in my shared office with a
| fellow grad student by playing with what resources were
| available.
|
| We were trying sudo and failed with enough silly passwords that
| we got the "this incident will be reported" message. I
| confidently told my officemate that these messages were never
| saved and recorded.
|
| A few moments later, from our open office door (which I assume
| meant all our conversation was able to be overheard), our IT lady
| from down the hall came in and said to me "Download the internet,
| really?"
|
| Because yes, I did type, while not saying I was doing so, "sudo
| DOWNLOAD THE INTERNET" into the terminal while goofing.
|
| Funny story but I did feel a bit embarrassed at the time.
| nailer wrote:
| To be fair in 2023, a lot of people are building LLMs and
| starting with downloading the internet.
| deusum wrote:
| Save a lot of time and space by doing an rm -rf first
| adolph wrote:
| sudo !!
| stilley2 wrote:
| I once entered "sudo echo hi" or something similar on a large
| HPCC and received an email back from a sysadmin that just said
| "hello".
| 1lint wrote:
| That's an amusing anecdote, though I find it bothersome the
| sysadmin failed to correctly implement the echo command
| ww520 wrote:
| There's the talk command on Unix. We used to do a 'who' to
| find out who're on the system and 'talk' to them.
| tryauuum wrote:
| also wall(1)
| andrewSC wrote:
| Also w(1)
| ww520 wrote:
| Speaking of interaction with the admin. Back in the days when I
| was in school, the computer lab ran a Honeywell mainframe with
| terminals. I wrote a program emulating the logon screen to
| intercept the username and password of the unsuspecting
| students logging on and to email them to me. I was going to
| post the list of all the usernames and passwords at the end of
| the semester on the wall. I dubbed it the Fishing project with
| my friends (yes, that's before all the phishing activities went
| rampant).
|
| I collected dozens of usernames and passwords before the
| professor of my CS class stopped me one day after class and
| said, you better stop whatever you're doing. Apparently the
| system saved the typing of all sessions and the admin actually
| went through all of them.
|
| The next semester all the terminals had a physical switch
| installed that had to be pressed to reset the terminal before
| logon. That killed any running program. I was glad to play a
| small part in improving the security of my school lab.
| doctor_eval wrote:
| That's quite similar to my story. While at high school, I
| wrote an innocent program to open the terminals at the nearby
| college for chat sessions - nothing nefarious. The sysadm saw
| what I did and realised I could use it to phish passwords.
| Next time I went to use the computer lab, the terminals were
| locked down.
|
| Showing my age but this would have been 1984 or so... a
| remarkably early contribution to security?
| elashri wrote:
| I remember the first time to have this message was at my first
| time using CERN lxplus during my undergrad. I was worried that
| people will think I am stupid to try "sudo apt-get" there. It was
| a mistake as I had several terminal sessions and forgot which one
| was the local.
|
| Anyway fast forward today. I know the answer to the question to
| whom usually this notification gets sent. They forward it via
| SMTP server to the person on computing shift (at least for some
| of the experiments) based on the experiment this person (who
| tried sudo) account belongs to. Probably also some IT email.
|
| Anyway it is stressful for new and young people. But honestly I
| never read them. I have email rule to put them inside specific
| folder I don't usually open.
| bee_rider wrote:
| The first time I saw this message I was on my own danged system
| and I was still momentarily alarmed, hahaha. Common sense
| asserted itself pretty quickly of course.
| justinator wrote:
| So no one checks these reports?
|
| No wonder we've had so many high profile breaches.
|
| Maybe this is what all those layoffs are about.
| steeleyespan wrote:
| A+ joke.
| DocTomoe wrote:
| Only low-key, though. A sysadmin not monitoring authlog /
| admin-mail is a huge security smell.
|
| The fact that our infrastructure STINKS of this is one of the
| major indications we do not take security seriously.
| bee_rider wrote:
| Fortunately we solved this; we don't have any system admin
| to not watch these logs.
| moogly wrote:
| My favorite message I got in Ubuntu in 2008 (I still have a
| screenshot of it):
|
| > Could not grab your mouse.
|
| > A malicious client may be eavesdropping on your session or you
| may have just clicked a menu or some application just decided to
| get focus.
|
| > Try again.
|
| > [Close]
| IshKebab wrote:
| I suspect a lot of readers here will not understand what's
| hilarious about this.
| kmeisthax wrote:
| I remember getting something similar-sounding on modern Ubuntu
| a few weeks ago.
| bvinc wrote:
| This sounds like an xwindows thing. The way popup menu windows
| work in x, is the program grabs all keyboard and mouse events.
| raverbashing wrote:
| Yeah I think nobody checked any reports since a good 25 years
| now.
| ec109685 wrote:
| One of the most privileged processes on the system and no unit or
| functional tests need to be updated with this change. Sigh.
| enw wrote:
| This always surprises me.
|
| How come there are seemingly zero tests for what's essentially
| critical infrastructure?
|
| How do you make sure things keep working? How do you prevent
| regressions as team members change and tribal knowledge and
| intuition is lost? How do you ensure all future humans working
| on the project can make meaningful changes with confidence?
| nixcraft wrote:
| Boy, I made so many memes around sudo. I can't believe they
| removed it. I mean, sudo does log messages in /var/log/secure or
| /var/log/auth.log on Linux when something fails or is executed
| successfully, depending on security policies. The default on most
| distro is to log messages.
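
An added example (not from the thread or the sudo project): a small parser that pulls the failed sudo attempts out of auth.log-style lines like those mentioned above and groups them per user. The log lines are constructed samples in the traditional syslog layout, and the function names are illustrative.

```python
import re
from collections import defaultdict
from typing import NamedTuple, Optional

# Constructed sample: traditional syslog-format lines of the kind sudo writes
# to /var/log/auth.log or /var/log/secure. Hosts, users, commands are made up.
SAMPLE_LOG = """\
Apr 29 12:25:01 lab1 sudo:    alice : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt install nasm
Apr 29 12:26:05 lab1 sudo: pam_unix(sudo:auth): authentication failure; logname=bob uid=1001 euid=0 tty=/dev/pts/1 ruser=bob rhost=  user=bob
Apr 29 12:26:10 lab1 sudo:      bob : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/ls /root
Apr 29 12:27:00 lab1 sudo[4021]:    carol : TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Apr 29 12:27:05 lab1 sshd[811]: Accepted publickey for carol from 192.0.2.10 port 50222 ssh2
Apr 29 12:30:44 lab1 sudo:    alice : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/echo hi
Apr 29 12:31:02 lab1 sudo:     dave : command not allowed ; TTY=pts/3 ; PWD=/srv ; USER=root ; COMMAND=/usr/bin/chmod -R a+r /storage/data
"""

# "<timestamp> <host> sudo[pid]: <user> : <fields separated by ' ; '>"
# Assumes the classic "Mon DD HH:MM:SS" timestamp, not ISO 8601.
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s\d{2}:\d{2}:\d{2})\s(?P<host>\S+)\s"
    r"sudo(?:\[\d+\])?:\s+(?P<user>\S+)\s+:\s+(?P<body>.+)$"
)
KEYVAL_RE = re.compile(r"^([A-Z_]+)=(.*)$")


class SudoEvent(NamedTuple):
    timestamp: str
    host: str
    user: str
    reason: Optional[str]  # None means the command was allowed and run
    run_as: str
    command: str


def classify(reason):
    """Map sudo's free-text refusal reason to a stable label."""
    if reason is None:
        return None
    if reason == "user NOT in sudoers":
        return "not_in_sudoers"
    if re.fullmatch(r"\d+ incorrect password attempts?", reason):
        return "bad_password"
    if reason == "command not allowed":
        return "command_not_allowed"
    return reason  # unknown reasons are kept verbatim rather than dropped


def parse_sudo_line(line):
    """Return a SudoEvent for a sudo command record, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None  # not sudo, or a PAM message without the "user :" prefix
    # COMMAND= is always the last field and may itself contain " ; ".
    head, sep, command = m.group("body").partition(" ; COMMAND=")
    if not sep:
        return None
    reason, fields = None, {}
    for i, part in enumerate(head.split(" ; ")):
        kv = KEYVAL_RE.match(part.strip())
        if kv:
            fields[kv.group(1)] = kv.group(2)
        elif i == 0:
            reason = part.strip()  # refusals put the reason before TTY=
    return SudoEvent(m.group("ts"), m.group("host"), m.group("user"),
                     classify(reason), fields.get("USER", ""), command)


def failed_sudo_report(log_text):
    """Group refused sudo attempts by the invoking user."""
    report = defaultdict(list)
    for line in log_text.splitlines():
        event = parse_sudo_line(line)
        if event and event.reason is not None:
            report[event.user].append(event)
    return dict(report)


def users_over_threshold(report, threshold=2):
    """Users with at least `threshold` refused attempts, for follow-up."""
    return sorted(u for u, evs in report.items() if len(evs) >= threshold)


if __name__ == "__main__":
    report = failed_sudo_report(SAMPLE_LOG)
    for user, events in sorted(report.items()):
        for ev in events:
            print(f"{ev.timestamp} {user:<6} {ev.reason:<20} {ev.command}")
    print("follow up with:", users_over_threshold(report))
```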
| shadowgovt wrote:
| Can't be done. That program is in the fossil record; change the
| error message and you're going to break a thousand unknown
| workflows that are relying on detecting that string (because
| string detection is the only solution they have to get nuanced
| information on the nature of the error).
|
| ETA: Oh wait it was actually committed? Color me surprised.
| chaxor wrote:
| Yeah I _relied_ on that over heating to occur when pressing
| Ctrl for too long :D
|
| (Hopefully someone understands the reference)
| encodedrose wrote:
| https://xkcd.com/1172/ !!
| remram wrote:
| (February 2022)
| klyrs wrote:
| I've always been amused by this, because I usually get it on
| single user systems (mine own) without mail. It makes me picture
| some shady office in a bunker in central Nevada, where
| undeliverable incident reports end up in dusty filing cabinets,
| indexed by incorrect passwords.
| jamal-kumar wrote:
| For those wondering where the reports go, under systemd-based
| linux distributions ideally you can get them with this:
|
|     sudo journalctl /bin/sudo
|
| Historically speaking however the sysadmin with access to the
| 'mail' command would be able to run that and see mail delivered
| to root@localhost for these reports. I think at least OpenBSD
| still does things this way [1], but they moved away from sudo
| YEARS ago now [2]
|
| [1] https://man.openbsd.org/security.8
|
| [2] https://man.openbsd.org/doas
| evilspammer wrote:
| I haven't used journalctl in a while - do you mind explaining
| how it works with a binary path? Does it report all system
| logging that came from that executable, as if it were a service
| file?
| teddyh wrote:
| The systemd journal logs not only raw strings and priorities
| (like legacy syslog), but a large number of metadata fields
| for each message. One of these fields is the name of the
| executable which generated the message. The command
|
|     journalctl /bin/su
|
| can, to avoid ambiguity, also be written as
|
|     journalctl _EXE=/bin/su
|
| See systemd.journal-fields(7) for more information:
| https://manpages.debian.org/stable/systemd/systemd.journal-f...
| dingledork69 wrote:
| Or you set up your system so mail for root gets redirected to
| an smtp server with an actual inbox read by actual people
| jamal-kumar wrote:
| Yeah, I kind of lament them removing this warning if I'm
| going to be honest. It feels like something such as that
| should be more common best practice.
|
| Of course decent log collection/monitoring should also be
| able to catch authlog stuff and alert accordingly and I'm
| sure most organizations rely on solutions like that instead
| of letting things get lost in email
| stefncb wrote:
| It's only removed if sudo doesn't send mail. It still warns
| if it's relevant.
| can16358p wrote:
| Isn't it leaking detail about internal policy about
| whether incorrect sudoing is getting reported or not
| though?
| freedomben wrote:
| Is there more to the change than the linked commit?
| Because if not, looking at the code change I don't see
| how you could possibly be correct. There is no additional
| logic/branching that could be checking whether sudo sends
| mail or not, just a string change.
| TaylorAlexander wrote:
| It was added back in a later commit but only prints if
| the mail is configured.
| freedomben wrote:
| Nice, thanks that's very useful info
| bo0tzz wrote:
| This is correct, and was added back a few weeks later in
| https://github.com/sudo-project/sudo/commit/9757d29a24ac1872...
| electroly wrote:
| This is a pretty short diff and it clearly does NOT do
| that, unless you're saying they went back later in
| another commit to add this. They removed the message in
| all situations. The string "This incident will be
| reported" has been removed from the source code; it could
| not possibly print that message now.
| simse wrote:
| The warning is added back here:
| https://github.com/sudo-project/sudo/commit/9757d29a24ac1872...
| fafqg wrote:
| This doesn't seem to be correct.
| asveikau wrote:
| I feel like that warning comes right out of the era of
| multi-user machines with unprivileged shell accounts. That
| era is largely gone. Today, someone, possibly a less
| knowledgeable user, runs sudo on their single user laptop
| that they completely own outright, and may get confused who
| they're being "reported" to.
| jamal-kumar wrote:
| Funny if you live in a free country
|
| Potentially terrifying if you don't
| wkat4242 wrote:
| To themselves of course. That's pretty clear.
|
| But there is a renewed focus on corporate laptops to
| remove admin rights on windows. Not really because the
| user is not being trusted, but because malware has a lot
| more options for bypassing EDR/antimalware and
| persistence when it runs with admin rights.
|
| I'm sure this will come to Linux too at some point.
| ctoth wrote:
| Completely this, I was so confused by OP because naturally
| this is how my playbooks configure my systems.
| jamal-kumar wrote:
| I think this is mostly relevant to how confused and
| sometimes downright mortified it makes new users of sudo
| when they encounter it
|
| In other words, don't think well-configured ansible
| playbooks are most people's first exposure to linux
| although it does sound like you're doing things right which
| is nice to hear
| jimmaswell wrote:
| I was surprised to start getting emails about my cron tasks
| once I set up my mail server. It's neat.
| prmoustache wrote:
| I've always felt it was a very bad practice not to do it.
|
| In a lot of companies but one they avoided it for fear of
| receiving emails. On that only company that did it, we made
| sure that mailbox was clean by actually having a look when
| cron scripts were crapping out or when users failed sudo
| repeatedly and contacted the users. It was a much better
| housekeeping than log on a box and see there are hundreds
| of unread emails but dismissing it like most do.
| evilspammer wrote:
| I think it's a fear of _sending_ emails. You could
| accidentally trigger a cronjob that sends a bunch of
| emails and gets you put on spam filters. Error reporting
| for cron is, of course, important; but the builtin email
| reporting is best used for the local machine/network. A
| more flexible and robust solution calls out to an API
| that handles transactional emails/push notifications with
| debouncing, escalation policies, etc.
| trollingagain wrote:
| The infringement has been backtraced and you will be reported to
| the cyberpolice
| wolfd wrote:
| When I was in uni, the computer science school actually did
| occasionally check these reports. Specifically, a guy named Chris
| checked them. Some friends of mine apparently used this to send
| him messages.
|
| `sudo hi chris`
| gvurrdon wrote:
| Similarly, at a place I used to work, messages such as "sudo
| echo 'Hey John, please would you chmod -R a+r on
| /storage/data/filename.txt, thanks!'" were used. This usually
| resulted in irate "Stop that! You have to submit a ticket!"
| emails.
| nickdothutton wrote:
| This would make a great (inaccurate) clickbait story about how
| millennials (or insert group) found the message too
| confronting/authoritarian.
| its-summertime wrote:
| Stressful message to see back when I was a clueless child. I'm
| glad it's getting removed.
| bqmjjx0kac wrote:
| I had a similar reaction to Windows 95's "An illegal operation
| has occurred." I remember wondering whether the police were on
| their way.
| nullc wrote:
| A friend of mine ran a multi-line BBS out of his home when he
| lived with his parents.
|
| One day he came home and his parents sat him down to discuss
| the "illegal activities" he was up to with the computers. He
| was sweating bullets about the secret warez section of the
| BBS until eventually he figured out that it was due to an
| illegal operation crash message!
|
| (In that case it was probably desqview rather than windows)
| sergiomattei wrote:
| My brother pulled this prank on me when I was first learning
| batch file.
|
| I thought I was going to jail.
| glhaynes wrote:
| I got my first computer when I was about 6. It would boot to
| BASIC if there wasn't a floppy disk inserted. I typed
| something random and got back "SYNTAX ERROR". I wasn't old
| enough to know what either sin or taxes were, but my
| impression was they were both real bad.
| [deleted]
| jon-wood wrote:
| Way back when my Dad worked from home, and had what I think
| was a Macintosh Classic II provided by his employer. I'd
| occasionally be allowed to play the games on it, mostly the
| pair matching one, which on one occasion crashed. Back then
| the crash dialog featured an icon of a bomb with the fuse
| lit, which caused me to panic thinking I'd caused the
| computer to blow up. Thankfully I hadn't, and I believe that
| computer is still in his attic somewhere.
| Kye wrote:
| I have genuinely had to reassure panicked relatives over
| this.
| shpx wrote:
| Next step is to remove users/groups/sudo from Linux/UNIX
| entirely. I'm one person using the computer, running software I
| trust. I don't need it.
| mnd999 wrote:
| I suspect if you look in your passwd file you'll find lots of
| users. Does nginx really need to read the files in your home
| directory?
| bmacho wrote:
| Why, yes. Imagine you are in flow, and you want to show a
| file to nginx, but you can't. Better give root (and user)
| rights to nginx when you set up your system.
| scraptor wrote:
| Very few computers running nginx have human user accounts
| with more than dotfiles in the home directory. Meanwhile
| desktops run everything on the same account because defining
| usable security policies between users is basically
| impossible.
| sph wrote:
| Just login as root. Not that I'd recommend it.
| radiator wrote:
| So ...puppy Linux?
| lxe wrote:
| The "this incident will be reported" message always struck me as
| having the same vibe as the "provided by the management for your
| protection" labels they have on toilet seat covers.
| Buttons840 wrote:
| Can someone share even _one_ story where sudo reporting these
| "incidents" was helpful?
|
| This feature seems to come from a world where elite hackers
| simply repeat the same sudo command over and over hoping it will
| eventually work.
| gtirloni wrote:
| _> Can someone share even one story where sudo reporting these
| "incidents" was helpful?_
|
| No, not a single one.
| rbanffy wrote:
| "And, if we did, we'd have to kill you."
| hoodmane wrote:
| Yes. More or less the first time I used Linux was on a fedora
| workstation at my desk at MIT. The very nice sysadmin down the
| hall sent me an email just a bit later saying "We see you were
| trying to install x program. We installed it for you." I
| understand that this is a very rare experience but the first
| time I saw that message, a helpful person _was_ actually
| looking at these reports.
| hutzlibu wrote:
| Does this kind of sysadmin still exist? (or do they even
| still have the freedom to be so kind?)
|
| I cannot really imagine that happening today, at least not in
| "professional" context.
| stcg wrote:
| It still happens, a fellow student and friend of mine got
| this response ('installed it for you') about two years ago
| at Radboud University Nijmegen after entering `sudo apt
| install nasm`
| vulcan01 wrote:
| I have a small server that some of my friends have accounts on.
| When they accidentally (or not!) try to use sudo (often this
| happens with a "curl | sh" thing) I like to be informed.
| throwaway892238 wrote:
| There's no need to update the copyright year, but I do like it as
| a canary to tell somebody the file has been updated lately.
| hardlianotion wrote:
| Aw - can't we just make it configurable?
| pram wrote:
| I was always disappointed it never summoned some grumpy graybeard
| unix admin from a dark server room basement to give me a chiding
| lecture.
| tomatodevice wrote:
| I receive mails from sudo incidents generated by my users, I
| check the boxes except the gray beard.
| bee_rider wrote:
| I shave, I try to keep my demeanor as gray as possible.
| bonzini wrote:
| What about the red dress and flying reindeer?
| duxup wrote:
| I would have taken the opportunity to ask them a few questions.
|
| But that's probably why they don't come out to lecture.
| john_shafthair wrote:
| https://web.archive.org/web/20180426220342if_/http://assets....
| themodelplumber wrote:
| I got a chiding lecture like that from some skinny UUG-type
| security admins, by manually shutting down my HP-UX workstation
| in a university CS lab. I had reached behind it and flipped the
| power switch.
|
| I tried to flip it back on just afterward, to resume my
| business (lol) but found that my login was blocked with a
| message...come up to security in room 300-something and talk to
| us to get your account un-suspended.
|
| The issue leading to the frantic shutdown goes as follows:
|
| I had been browsing some of JWZ's online journals in
| Netscape...the old about:jwz trick.
|
| Within those pages, there's a linked audio clip of the fake
| *rgasm scene from "When Harry Met Sally".
|
| I clicked on the link not realizing what would happen, and of
| course this passionate audio clip played at more or less full
| volume to a computer lab full of university students from
| China.
|
| (They were extremely "I didn't notice that" about the whole
| thing, but I was beet red and frantically scanning the room for
| anyone who I could possibly nervously laugh with...)
|
| Back then Netscape didn't show any audio controls that I could
| find anywhere when clips like that played, which was also a
| really frustrating part of this. I guess it just handed off the
| audio to some process which I could have found via `top` if I
| had the time.
|
| There was also an internal speaker, nothing with a manual
| volume control. Great!
|
| Anyway, I went upstairs, got my lecture about other people who
| could have had sessions terminated while working on the same
| workstation, got the login back, and fortunately none of the
| Chinese students seemed to have let my er..._BYU_ CS security
| admins...know about the situation in the lab. lol.
|
| (No longer a practicing Mormon; still think CDE is cool)
|
| Edit: Just for the memories...at the same time, I had a PT job
| doing university IT support on a Novell network, and we
| supported, among other places (the MTC, the laundry, Creamery--
| PHEW those amazing chocolate malt shakes--but not so phew the
| time the creamery's huge 1K+ gal. milk vats leaked and there
| was a foot of standing milk in our PCs there, etc.), the
| married student housing computer labs.
|
| Colloquially labeled by my boss and others as the "rabbit
| hutches"...
|
| This was still pretty early days for the web, and I remember
| periodically getting frantic voicemails from newly-married
| folks.
|
| A common version of the voice message would be something like,
| "Hi, uh...I was in the married student housing lab...trying to
| book airline tickets for my husband to fly home and see his
| mom...anyway (tearful quivering voice starts)...russian porn
| came up I guess? I mean I am just guessing...uh, so
| anyway...(crying harder, phew)...the lab assistant gave me your
| number, and here's my number, if we need to talk about this or
| anything, call me I guess?"
|
| I can't imagine what those students must have felt when the lab
| assistant just shrugged their shoulders regarding "what to do
| about this" and gave them somebody's office number to call. Up
| the chain with you!
|
| Gestapo-level perceptions would always tend to kick in at that
| point...and you had to maintain an ecclesiastical endorsement
| to continue studies there, so this was a pretty big deal.
| Anything involving porn was always at the potentially-
| terminate-your-entire-university-experience level.
|
| (Often the calls to those labs were pretty funny though. Like a
| toddler put a dorito inside of a CD-ROM drive, bring your
| hemostat, things like that. Afterward we'd get a Jamba Juice,
| or get a free cafeteria meal from a really nice food-services
| manager, chat about Everquest, etc.)
| astrange wrote:
| > the married student housing computer labs.
|
| This is a good garden-path sentence.
| themadturk wrote:
| They have a pretty amazing creamery at Washington State
| University as well... have a milkshake after lunch, you won't
| need dinner. Go Cougs!
| zubairshaik wrote:
| What does UUG stand for? That's the only acronym that ChatGPT
| didn't give me a guess for from your comment.
|
| The other guesses were: CDE - Common Desktop Environment, MTC
| - Missionary Training Center.
|
| GPT is much better than web search for this, I'll say that.
| Its ability to use context is invaluable.
| themodelplumber wrote:
| https://www.facebook.com/groups/byu.uug/
|
| This user group was already in place by the time Linux came
| along, so you had the UUG doing Red Hat boxed set giveaways
| and such. There was a ton of excitement about Linux and not
| as much about Unix at that point. Then a bit more proper-
| Unix excitement when OS X came out.
|
| The other ones are correct.
| asdfman123 wrote:
| Just because we've never seen him doesn't mean he hasn't at
| some point quietly summoned a curse on us
| sph wrote:
| Or silently reduced your quota by 20%
| jaggederest wrote:
| let me just run the tape eraser over the backups for that
| user...
| ChrisMarshallNY wrote:
| Was his name Simon?
| esafak wrote:
| For the uninitiated:
| https://en.wikipedia.org/wiki/Bastard_Operator_From_Hell
| hprotagonist wrote:
| > CLICKETY <
| LegitShady wrote:
| "man the internet has been really slow lately"
|
| graybeard chuckles in the server room
| blueflow wrote:
| At @dayjob, we have a mailing list for root@ mails. We actively
| use it for recording the output of cronjobs and like that.
| Several times a year i get sudo fail mails from random people on
| the terminal servers. A few years ago i actually compiled a list
| of the most prolific repeat offenders and they got a bag of
| marshmallows that have the form of coal nuggets right before
| Christmas vacation.
| ibic wrote:
| As it happens - "The warning was restored in a slightly altered
| form in 9757d29"
| ( https://github.com/sudo-project/sudo/commit/9757d29a24ac1872... )
| - Millert.
| dan_linder wrote:
| This is great! Now when I break into a system I can quickly
| verify if they've got this aspect of sudo logging setup or not!
|
| Only 1/2 /s
| usr1106 wrote:
| That makes sense. I already wanted to comment that showing a
| false warning is not good. But silently sending a mail of what
| you tried to do is worse.
| brundolf wrote:
| Obligatory xkcd (one of my favorites): https://xkcd.com/838/
| kitsunesoba wrote:
| Reminds me of using Win9x when programs crashed (as often
| happened then), prompting Windows to present those "This program
| has performed an illegal operation" dialogs.
|
| As a kid the only bit of that message that made any sense was
| "illegal operation" which made me wonder if I'd broken some law
| somehow.
| phendrenad2 wrote:
| This is why I don't put easter eggs or obscure programmer-lingo
| into programs anymore. Every error is potentially user-facing.
| [deleted]
| EvanAnderson wrote:
| The first computer at my home was a machine my father bought
| for bookkeeping for his business. I had a loose understanding
| of what that meant (around 8-9 y/o). I knew paying taxes was
| something he did.
|
| I remember looking thru the BASIC manual and seeing
| "ILLEGAL..." error messages. I assumed it meant that doing
| whatever this was somehow violated tax laws. Made sense to me
| since the computer was used for bookkeeping.
| Ruq wrote:
| Just change it to "This incident has been logged to /PATH." and
| that should be fine, right? Or, if you're really concerned about
| not exposing system log paths just mention it's been logged.
| Mordisquitos wrote:
| sohkamyung is not in the sudoers file. This incident will be
| reported.
| f1shy wrote:
| Sogtulakk?
| fafqg wrote:
| acm1pt
| ajsnigrutin wrote:
| So... how will santa know who's been a bad boy/girl now?
| forgotusername6 wrote:
| So according to the comments it isn't actually gone, just the
| wording updated and now dependent on if you have actually set up
| the mailer to report it somewhere
| https://github.com/sudo-project/sudo/commit/9757d29a24ac1872...
| john_shafthair wrote:
| That seems pretty stupid.
|
| While they're at it, why not update the SSH warning banner with
| a list of what we do and don't log on this system. As a
| courtesy to their adversary.
|
| This sudo message has been the same since the dawn of time.
| There is literally no reason to correct it. This is the one
| place you don't want to be pedantic, leaking security
| configuration via stderr.
| kragen wrote:
| something like 99% of computers with sudo installed are
| single-user machines where the only effect of the warning is
| to scare people
|
| and it's only been the same since people started to switch to
| sudo in the late 90s; su never printed such a warning
| alexb_ wrote:
| >the only effect of the warning is to scare people
|
| Good. If you're not familiar with what sudo does, then you
| shouldn't be using it in the first place.
| teaearlgraycold wrote:
| If it's your own computer you should be able to break it
| until you learn how not to.
| twelve40 wrote:
| i'd argue in a different direction: if sudo barks a scary
| unknown message at me, i'd avoid using it altogether and
| just use su, which is the opposite of what people should
| be nudged to do.
| pxeger1 wrote:
| It's an abstraction. You shouldn't need to be familiar
| with every aspect of what it does.
| kibwen wrote:
| If you shouldn't be using sudo, then you shouldn't be
| listed as a sudoer on that system. If you're listed as a
| sudoer, then you should become familiar with what sudo
| does.
| TaylorAlexander wrote:
| Reminds me of when I was younger and my mom and my brother
| were using a windows computer. They got the message "an
| illegal error has occurred" and my mom called me to ask if
| they had broken the law.
| mr_mitm wrote:
| When I was young I had messed with the computer and it
| showed an english message with the word "atom" in it. My
| mom not being a native speaker freaked out as if a
| nuclear explosion was about to take place.
| john_shafthair wrote:
| 1. All Unix systems are multi-user. Hence sudo.
|
| 2. Who are these scared people? Do they think the Unix
| police are going to kick in their door? A guy with gray ear
| hair and suspenders that will be out of breath from walking
| up their front steps?
|
| 3. I'm referring to tailoring an error message based on
| security configuration. That's the dumb bit.
| Arch485 wrote:
| I don't really think this is a security issue. If an
| attacker is able to try executing sudo on your system,
| you have much bigger problems (for example, data exfil
| can be done by non-sudo users in many cases, or if your
| system is sufficiently old there's known privilege
| escalation exploits). I don't think an attacker gains
| much knowledge from knowing whether or not they're on the
| naughty list.
| IshKebab wrote:
| If the attacker can execute sudo they can probably just
| alias it to a sudo that sends them the password and wait.
| The number of users on multiuser systems who _don't_
| have sudo access is just vanishingly small. Universities
| perhaps. But in most companies, if they trust you with
| access to the machine in the first place they'll trust
| you with sudo access.
| aflag wrote:
| That message is poor UI. If you know what it means, you
| probably don't care about the possibility of sudo sending an
| email when you first typed it. If you don't know, you will be
| worried probably without a good reason to be so.
|
| Nowadays it's even worse than it once was, because now the
| natural instinct of people is to think that the incident was
| reported to canonical or ibm. The opposite of how they are
| supposed to feel about when using free software.
|
| I'd change it to "This attempt was logged" or something
| like that when that is true. Just so the user is aware that
| the data they are typing there may be seen by someone else.
| But by default, in their own systems, that message should
| never appear, unless they specifically configured it that
| way.
| [deleted]
| microtherion wrote:
| Maybe update pnews.sh as well to recalibrate the estimate of
| "hundreds, if not thousands of dollars" per usenet message.
| discreditable wrote:
| Warning banners are not uncommon.
| https://www.stigviewer.com/stig/red_hat_enterprise_linux_8/2...
| matsemann wrote:
| But I use the output from sudo in my program, changing this
| message breaks my scripts. /s
| lucb1e wrote:
| Here, you dropped this: https://xkcd.com/1172/
| gopalv wrote:
| https://xkcd.com/838/
|
| Well, if you have an incident list and nobody's checking it twice
| ...
| oconnor663 wrote:
| That XKCD is actually mentioned directly in the commit message
| :)
| CrampusDestrus wrote:
| Anyone knows why it's even considered an "incident" at all? you
| might have mistyped a username or something, why would it
| require a report?
| [deleted]
| estebarb wrote:
| I teach an entry level CS course at the University and my
| students got scared a lot when they saw that message. It was
| funny until I noted that they were really worried :( .
| diebeforei485 wrote:
| Yes, it's important that things be clear. Hopefully we do
| something about man pages next, they are way too obfuscated.
| rbanffy wrote:
| Not to say sexist.
|
| /me ducks
| babuloseo wrote:
| No lets keep this :)
___________________________________________________________________
(page generated 2023-04-29 23:00 UTC)