Subject: Re: Why not use root all the time?
From: civileme (civileme@mandrakesoft.com)
Date: Tue Apr 30 2002 - 09:49:35 AKDT
On Tuesday 30 April 2002 09:05 am, Neil Moomey wrote:
> I'm setting up Redhat 7.2 and I keep on reading about how it's unsafe
> to use root all the time. This makes no sense to me. I am the only
> person that uses my computer and a great deal of my time is spent
> installing and configuring my box. Why would I want to ever limit what
> I can do? Promoting myself to su doesn't make me any smarter. Are
> there any security concerns I am unaware of? Is there anyone out there
> that uses root all the time or am I just living on the edge? Thanks.
>
> root
>
Well, windows uses root all the time on its earlier systems. The ability of
viruses to propagate in windows and not in linux is that there are walls
between the OS and the user which you bypass by using root. NT and 2000 are
partially secure except that Microsoft applications use their special
knowledge of the system to bypass the Application Programming Interfaces they
make everyone else use and reach into the kernel directly, so W2K is pretty
secure, with patches, until you add Microsoft applications.
And someone will point out of course that you could
rm -rf /
and wipe out your system as root while as an ordinary user all you get is an
error message about permissions.
But basically by running as root you are bypassing all the protections of the
system. You can inadvertantly save over a configuration file and make your
system unbootable, for example, which is normally impossible for an ordinary
user. Viruses (and there are a few for linux, 4 last I counted) CAN actually
infect executables (because root has write access to them and users don't).
But suppose you are typing a letter and you want to save it, and you decide a
good name for the saved file is rc.sysinit, and you decide you want to save
it in the /etc directory. (Or you were looking at a file in /etc and don't
notice the directory is still /etc)
if you are an ordinary user, you don't manage to save.
if you are root you self-educate over the next few days about rescue disks
and such or possibly reinstall.
I don't know about you, but 98% of the time there is something wrong with my
computer, the problem has its hands on my keyboard. I appreciate the extra
protection of ordinary user status.
Of course if you were running Mandrake, you would see a difference right
away. Root GUI logins have poison red screens and lose most panel items and
screen icons in KDE and GNOME, and still have the poison red scren in most
other WMs. We picked this as a subtle change in the environment to suggest
to the user that he migh be doing something different.
If you are the only one on your machine, then you could set up root with no
password and your ordinary user with a very simple password likr the letter
"a" so when you need to do something as root, the software that checks for
password isn't activated but you still don't login as root except in a
terminal or for a particular task.
Civileme
If you are a user, you get it
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Tue Apr 30 2002 - 09:49:42 AKDT