Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
What are the differences between "su -" in a GUI terminal and directly logging in as root in a text mode terminal (tty1-tty6)? Any environment, path or other functionality differences?
As an aside to your question - its not good practice to login as root directly.
For security/safety purposes always login as a "normal" user with sudoers priveleges and use a combination of sudo and su - to execute super user commands.
Many will say its a schlep to do the above but believe me you will not be happy once you do something by mistake that destroys your system
No difference, it's just safer to su - . If done properly, you execute whatever commands you have permissions to as a normal user, and when you need to, su - , execute the root commands, then exit. If you log in directly as root, the temptation is to run all commands as root, leaving yourself open to... well if you don't know now, you will remember it afterwards.
the main problem lies in Xorg
running X and a gui( gnome,kde,xfce)as root opens up holes in xorg
-- Google it for a much longer and heated "discussion "
now one will be loged in as root for MUCH less time in the terminal than it one was to log in as root using a gui .Also gnome ( also not secure as root) will not be running .
NOW
there are not many ways for a auto script ( built for MS Windows) to do much
nor are there too many linux mal-ware programs . so the odds are ( for know ) are better at keeping a clean computer running linux -- even as root , than running Windows
but for the paranoid there is also a problem with sudo
-- this is not the place for that flaming war -- google it for more discussion .
su
root with NORMAL users $PATH ( stays in the folder you run this from)
su -
root with root $PATH ( auto goes to /root home folder)
most of the time there is not much of a difference
but for somethings there is a diff.
For everyone else: thanks for replying, but you are assuming too much about me - I am not a complete noob and I do not run my system as root constantly. The question is ONLY about the root's environment when using different login methods.
John VV answered this question already, albeit indirectly. The answer in implied here:
Quote:
su
root with NORMAL users $PATH ( stays in the folder you run this from)
su -
root with root $PATH ( auto goes to /root home folder)
The commands that will be different are the commands that are not found in both paths. This could mean no difference at all if, say, the user belongs to the group wheel (in which case user $PATH should be the same as root $PATH).
NB: With 3 posts we will assume you are a noob, because the potential consequences of assuming you know these things when you, in fact don't, are considerable. Be assured that no offense was meant.
It isn't just the $PATH variable that is changed to root's with 'su -'. ALL environment variables are set to root's. To see the differences, run the following:
Code:
% su
Password:
# printenv
<snip>
# exit
% su -
Password:
# printenv
<snip>
# exit
The fact that by default Linux allows any user to be able to use the su command is in itself insecure. You only need to couple this with the blatant use of sudo in Ubuntu to understand the risk you take.
I'm taking a different approach here. I'd say, "If you want more security, then go for FreeBSD." Why? Because from the initial setup, you decide which account has access to wheel and to sudo- that is if you install it later. An unprivileged account that is compromised will not bring down the system. The same scenario on say... Ubuntu or Fedora or Mint, could result in a rooting.
the main problem lies in Xorg
running X and a gui( gnome,kde,xfce)as root opens up holes in xorg
-- Google it for a much longer and heated "discussion"
A netsearch for root and X and GUI (with and without xorg) found questions and HOWTOs etc. but nothing pertinent to security holes in the first page or so. Any other keywords to find the discussion?
No, it's not insecure, it merely puts a certain piece of the responsibility to the administrator. su requires root knowledge, and there are plenty of uglier ways to achieve a similar thing with the login command itself and such, which arne't removed. su just makes it a more formal escalation of rights, and doesn't change the model itself.
And with a pedant hat on, Linux does NOT do this by default, only distributions. Linux does not contain su. It's a kernel, and in this specific context that distinction does matter more than usual.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.