LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 07-17-2004, 03:26 PM   #1
KaptinKABOOM
Member
 
Registered: Jun 2004
Location: Morgantown, WV
Distribution: Slackware 10.0
Posts: 39

Rep: Reputation: 15
Why not run always login as root?


On my home system, and one of the computers in my work place, I login and use the root account as if it were well pritty much My login account. In the workplace I can understand that it is a good idea to not do this becuase it can lead to a compramise in security if you left the computer on without logging out or a number of other things.... But for my home machine I cannot really se anything wrong with it.

So in general I was just wondering how many people on their personal machines just log in as root all the time? and also what are somne good reasons for/against this practice?
 
Old 07-17-2004, 03:39 PM   #2
zz9pluralzalpha
Member
 
Registered: Jun 2004
Location: UK
Distribution: BLFS 5.1
Posts: 34

Rep: Reputation: 15
Should you be unfortunate enough to find yourself at a command prompt, it can be a little dodgy... e.g.

Code:
rm -Rfv /*
instead of
Code:
rm -Rfv ./*
Not very likely but not worth the risk when you can use sudo. Most distros don't come setup to create ordinary users with sudo privalidges. They really should.
 
Old 07-17-2004, 03:45 PM   #3
ranger_nemo
Senior Member
 
Registered: Feb 2003
Location: N'rn WI -- USA
Distribution: Kubuntu 8.04, ClarkConnect 4
Posts: 1,142

Rep: Reputation: 47
It's not just the damage to your data or system, it's the security of the whole internet. Look at all the zombified boxes that have been used in the past to attack websites and infrastructure. If somebody slips you a nasty, and you run it as root, it gets full control of you system, and can be used to do whatever that somebody wants.
 
Old 07-17-2004, 04:39 PM   #4
Jose Muņiz
Member
 
Registered: Jul 2003
Location: Mexico City
Distribution: Slackware 9.1, SuSE 9.1
Posts: 248

Rep: Reputation: 30
Yes exactly. By not running as root you are forcing the important operations on your computer (delete important files, start/stop some services, etc) to be done once you use a password for it. In that way there's no way a virus can do that harm. It would need your password.

And well it actually makes you be more organized. Because in that way you store some things in different places depending ont he permissions, etc.

However, some things in my fstab like my CD unit, I allow every user in my computer to mount it and umount it at will. But I do like how things are done otherwise.
 
Old 07-17-2004, 06:40 PM   #5
osvaldomarques
Member
 
Registered: Jul 2004
Location: Rio de Janeiro - Brazil
Distribution: Conectiva 10 - Conectiva 8 - Slackware 9 - starting with LFS
Posts: 519

Rep: Reputation: 34
Hi KaptinKABOOM,

As already said, the most important thing is protect yourself of little mistakes of the day to day. I have a customer where mainly all administration routines are automatized. Each customer open his/her session, works and nobody cares about temp files, disk space and etc. However, sometimes, for any hardware or software glitch, anybody has to execute some administrative function like as remove some lock file which was left for some reason. When the most experienced user went to vacation, he passed his cook book to another person. That days. 1994, the home for root in the system V was "/" (root, of course). So, that person got the cook book, opened a root session and entered
Code:
rm /usr/printers/ *
, closed the session and went to his normal affairs. A half hour late I was called because the system was hang. That time, installation were done from qic tape. There was no cds, etc. I spent two days to bring the system back. Today the things are faster and more comfortable but, your lost data is lost.
This kind of mistake on root make us miserable, as any user you will just see one or many messages alerting you it can't obey you.
Other issue is familiarity. If you always can do all on your main system without acknowledge because you are root, when you go to another system, you will feel yourself as a "fish out of water" because all you frequently does will be denied to you. All the instructions you give to somebody won't work because they probably don't work normally as root.
To talk about security, is to be redundant! No one user instead of root can do great harm to your system.

Good luck.
 
Old 07-17-2004, 07:28 PM   #6
Mega Man X
Guru
 
Registered: Apr 2003
Location: ~
Distribution: Ubuntu, FreeBSD, Solaris, DSL
Posts: 5,339

Rep: Reputation: 63
It can also be quite annoying to run some applications as root. While some won't open at all, some (as Xchat) will pop up a text warning you to do not run it as root, etc...
 
Old 07-17-2004, 08:16 PM   #7
KaptinKABOOM
Member
 
Registered: Jun 2004
Location: Morgantown, WV
Distribution: Slackware 10.0
Posts: 39

Original Poster
Rep: Reputation: 15
Ehhh yeah I am seeing that running as root might not be such a good idea I guess IT cannot be that much harder to make myself an account but honeslyt I like having total and comeplete control over my computer, the idea of having to type a password every time I change permissions of a file or delete a file is kind of well distasteful to me. Although on the other hand the Idea that it's generally more organized to make another account does make alot of sense.
 
Old 07-18-2004, 06:50 AM   #8
zz9pluralzalpha
Member
 
Registered: Jun 2004
Location: UK
Distribution: BLFS 5.1
Posts: 34

Rep: Reputation: 15
Code:
man sudoers
There's a NOPASSWD option. You just have to type sudo whatever to execute whatever as root. E.g.

Code:
ADMIN ALL = (ALL) NOPASSWD: ALL
And of course, you can always su - root when you need to. You still have total control.
 
Old 07-18-2004, 07:23 AM   #9
frob23
Senior Member
 
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: Ubuntu, FreeBSD, NetBSD
Posts: 1,449

Rep: Reputation: 47
You won't need to enter a password each time you want to change permissions or delete a file. Most of the files you will be working with you will own... so you can do what you want to them. Now... if you want to delete a library in /usr/lib or something... then you will need to enter a password.

Don't be confused. You still have complete control over your machine. You are just segregating that power into the areas where you need it and the ones you don't.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
wrong login shell prevent root login cefs99 Linux - Security 4 05-31-2006 08:28 AM
How to run a script as root upon login zugvogel Linux - Newbie 7 09-09-2005 11:10 AM
login run from root-owned xterm garba Linux - Security 2 07-23-2005 11:19 AM
How to run a Script as root, after Login as User, in GDM MHOOO Red Hat 14 03-08-2005 08:41 AM
Run program from root login as non-priveledged user? pr0wl3r Linux - Security 3 08-17-2004 09:52 PM


All times are GMT -5. The time now is 04:21 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration