[Fwd: Re: Running as root (was:Hey, it didn't get this either --...)]


 



hmm, the shrike list didn't post everything I sent...ah well, after two
tries, I guess the list just really doesn't like the message. 

I don't wanna butt heads with anyone.  I am a really stubborn person,
tho.  I find myself fighting my position, even if it is only half a
degree out of alignment of everyone else's position.  I instantly accept
reasonable correction.  Quite often, I am wrong, but nobody has given me
an explanation that I accept.  Being a Jew (Christian, BTW), I
absolutely love debate and argument.  I hope nobody takes offense at
anything I say. 

[slice] 

(From Jesse Keating) 

> *cough* have you not seen sudo?  You can assign all kinds of levels of admin
> privs w/ sudo, and the user never has to know the root password.

I've seen sudo, but I don't know of any way to use it that it is more
convenient than su.  Is there a way to, for example, allow User to open
Root's files when he's browsing around in Nautilus?  Also, as far as I
can tell (although I am still somewhat unclear on sudo), commands are
always executed "sudo -u user command", which is quite impossible to
type from inside a Nautilus window. 

That reminds me, does anyone here use Nautilus or Konqueror to install
or run programs?  I always used the console, because it was quicker, but
lately, I tried using Konqueror to extract files and using Nautilus to
run RPMs and to run binaries and scripts.  Konqueror doesn't seem to
like large archives, and nautilus sometimes installs one RPM, but
usually stalls during that one and doesn't respond when trying any
others.  Running scripts never works, but running some binaries works. 
Sometimes, the program, such as an installer, starts, but it doesn't
take any input from the keyboard or mouse.  Also, everything seems to
run sluggish when launched from a Nautilus file browsing window. 
Konqueror never has any problems running programs...  I noticed these
problems when my little brother was getting frustrated trying to install
a program and then to start the installed program.  The source of his
trouble was that he was trying to run them by double-clicking from
Nautilus. 

Same with Wine in Psyche.  Almost no win32 programs run when
double-clicked (although they take up a ton of processing), but typing
"wine program.exe" works every time... 

I dunno.  I'm not making much of a point of it, since I didn't even try
it in Slackware.  Just thought I'd bring it up... 

[slash] 

> Why "get around" things, instead of using them as designed? 

because as designed, xscreensaver doesn't want to run as root... 

by the way, I thought I'd come up with some creative ways to make the
settings stay put, but I come to realize that everything works just fine
with xscreensaver...it just complains in xscreensaver-demo, that's
all... 

[oxy-clean] 

> So, I don't quite get this.  Running as the user is more dangerous because you
> fat-fingered a command?  Huh?

no, in our specific working environment, running as user holds the same
danger as root, not more... 

[piff] 

> There are also things you can pass to the modules.conf file (not folder) that
> can perm. damage the video card.  Do you really want your users having access
> to this?

yes!  I do!  in fact, my little bro has successfully patched his video
BIOS and allowed a video card we would have normally thrown out to
work.  the fact remains that all the users here own their own computers
and know their own passwords.  if a user wants to modify modules.conf in
a way that may damage his video card, he's going to do it anyway.  but
please understand, for the vast majority of Linux users, running as root
is a bad idea.  in fact, we here in this house are the only ones I
recommend to run as root...well, and one friend of mine... 

[snip] 

> Locked xscreensaver, no virtual consoles left logged in.  Of course, if
> somebody really wants the data, and they have physical access to the box,
> there is no stopping them.  But locking the screensaver, and not allowing a
> <ctrl><alt><bs> can keep the casual snooper out.

I'm sure this is where the confusion starts.  Security is not a concern
here.  Reliability is. 

> There are also many other reasons not to run as root.  Run-away processes or
> buggy software can cause _much_ more damage if run as root, instead of as a
> user.  There are also very many security problems.  XFree86 isn't very
> secure, this being told to me by various XFree86 developers and maintainers.
> Running X as root is inviting trouble.  Many other network apps are equally
> if not more insecure, and the potential damage is much much greater if run as
> root.

Now here's an argument I haven't heard yet; that runaway processes may
have more power.  That would affect system reliability.  However, it's
obviously so small of a risk, since I haven't had a single problem since
starting to run as root, and I have installed and run literally hundreds
of precompiled binaries on my system.  I haven't even had a stall or a
graphical glitch.  I think that the level of code that would actually
cause that kind of trouble would be at or near the kernel...such as when
htree wiped out my ext3. 

Don't get me wrong, I really like the security in Linux.  I'm thrilled
to have it.  I also think that there are *almost* no occasions to run as
root. 

> IMHO, there is no reason, other than laziness, to run a system as root.

That's basically what I'm saying, too. 

> Period. 

period period period (okay, I should have put that last line here
instead of where it is...ah well) 

(From Eric Koldeweij) 

> I have a server which I ONLY need to do maintenance on. Still I don't
> log in as root. In my 15 years of Unix experience I've seen too many
> things go terribly wrong for the lazy sysadmins, from the stupid fake
> login script, password sniffing you name it. The main hazard is that
> should you accidentally execute a malicious program (or a faulty command
> or shell script even) it is executed as root and can therefore destroy
> anything. As a mortal user you can never ruin the system.
> In my humble opinion there is not a single reason for anyone to log in
> as root (except in single user mode)

And I also demand my customers to stay out of root.  One reason is that
I don't want to muddy up the good name of Linux with an insecure system,
even if it's just a child's computer.  Of course, the main reason is
that I don't want to keep administrating the system in order to fix it.

> Until you want to clean up /tmp and accidentally type rm -rf / tmp/*
> (mind the space between / and tmp) Don't laugh, I've seen it happen many
> many times.
> There is no "Are you sure?" in Linux. It follows the YAFIYGI way of
> thinking (You Asked For It You Got It) Once you press Enter there's no
> turning back.
> They didn't invent the "su" command for nothing.

well, there's no "Are you sure?" 'cause you said -f.  :-p  of course, I
know what you mean.  still, we're careful enough here that nothing like
that has ever happened.  mainly, we don't need to be careful here. 
that's my point.  we want to be able to drive over the speed limit,
drive with our shoes off, go 40 mph in first gear, put stickers all over
the windows, drive on the wrong side of the road, etc.  we just don't
want the car to break down because of a flaw in its design...

> So you run X as root even. Now THAT is a security hazard....... I'm
> sorry sir, but you won't ever be allowed to admin either one of my
> boxes. If you want to use Linux, you should let go of the Mickey$oft way
> of thinking.
> I'm using X also, as a normal user, and I have no problem at all. If I
> really need to tweak something I type su or sudo and I can do whatever I
> want.

Now I'm actually hurt by that.  My capabilities as an administrator are
being called into question.  :-(  I've set up tons of Linux systems,
workstations and servers, and I completely agree with you that they
should not run as root.  If I were to work on any of your systems, I
would definitely not log in as root, since (I assume) you are interested
in security...

As for the 98 Billion Dollar Billy (as my little brother calls him), I
am not holding on to that way of thinking.  That single user environment
simply does not allow security when a person actually needs it.

> If you want to run everything as root, please go ahead. It's not my box.
> Just know that almost all Unix security relies on the user not being
> able to touch system files. I'm not trying to tell you what to do, just
> warn you for the risks involved.....

Thanks for the warning.  I subscribed to the idea of layers of
capability being intrinsic to Linux security.  And we in this house
still plan to run as root for now.

> Eric. 

-Benjamin Vander Jagt
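
Added example, not part of the original message: the `rm -rf / tmp/*` slip quoted above, shown as the argument list the shell actually builds, with a pre-flight check that refuses any path argument resolving to the root directory. `check_rm_args` is a hypothetical helper name and the argument list is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the thread. check_rm_args is a hypothetical helper.
# It inspects the words an rm command line would receive and refuses any
# path argument that resolves to the filesystem root.
check_rm_args() {
    refused=0
    for arg in "$@"; do
        case "$arg" in
            -*) continue ;;              # option word such as -rf, not a path
        esac
        # Resolve directories physically so "/" and "/." compare equal;
        # anything that is not a directory resolves to the empty string.
        resolved=$(CDPATH= cd -- "$arg" 2>/dev/null && pwd -P) || resolved=""
        if [ "$resolved" = "/" ]; then
            echo "refused: '$arg' resolves to /"
            refused=1
        fi
    done
    return "$refused"
}

# Constructed input: the words the shell produces for `rm -rf / tmp/*`.
# The stray space makes "/" its own argument; "tmp/*" becomes a relative
# glob (kept literal here so the demo does not depend on the current dir).
set -- -rf / 'tmp/*'
if check_rm_args "$@"; then
    echo "would run: rm $*"
else
    echo "aborted: rm was given $# words, one of them the root directory"
fi
```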




