LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-10-2005, 05:21 PM   #1
st1cky_rice
LQ Newbie
 
Registered: Dec 2005
Posts: 9

Rep: Reputation: 0
Question difference between root login and su?


Hi everyone,

Here's a pretty newbie question...so everyone says you shouldn't log in directly as root, or surf the internet as the sysadmin; instead you should open up a terminal (when in X-windows) as a normal user and use "su" if you want to perform sysadmin tasks.

Does that mean I should exit "su" as soon as I've done what I wanted as root, or can I leave the terminal minimalized while I surf the Internet? Will it be "safe" that way?

Since I'm new to Linux there's a lot of configuration (and learning!) to do, and it's such a hassle to have to log in and out as root every 3 minutes

Thanks and cheers,

MH
 
Old 12-10-2005, 05:30 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Running an xterm with the root account is only as dangerous as
the local security; in other words, if your console isn't locked,
or you "share desktop" to others it would be dumb. The thing in
this sceanrio is that potentially expoitable apps (e.g. gaim,
firefox, ... ) aren't being run as root.

All that said: also note the difference between "su" and "su -"
The latter will give you roots environment settings, the first
will preserve the normal users ones and just switch the uid.




Cheers,
Tink
 
Old 12-10-2005, 05:31 PM   #3
wolorf
LQ Newbie
 
Registered: Dec 2005
Location: Madison, Wisconsin
Distribution: Debian sid
Posts: 13

Rep: Reputation: 0
It's always best to log in as your user, and only use su when its absolutely necessary. Su, do what you have to, then exit. It's better to be safe then sorry in that regard. Some people argue that even su shouldn't be used all that much, instead they say that things like "fakeroot" "sudo" should be used. I don't go that far, I just use su only when necessary, then quit out. That's probably your best bet. And yes, dont run programs like firefox or gaim as root, thats very bad.
 
Old 12-10-2005, 06:45 PM   #4
hussar
Member
 
Registered: Oct 2003
Location: Heidelberg, Germany
Distribution: Slackware 11.0; Kubuntu 6.06; OpenBSD 4.0; OS X 10.4.10
Posts: 345

Rep: Reputation: 30
Since you mention leaving "the terminal" minimized while surfing the 'Net, I am assuming that you are opening a terminal window to do your root tasks and all your other applications are running with your user permissions an not root's. In that case, no it is not bad to `su` and stay "su'd" as root in the terminal window, at least not from a security standpoint. The root priveleges conferred on whatever you run in the terminal window will not be somehow transferred to your web browser, for example. That having been said, I think it is risky to leave yourself su'd to root in a terminal window for a longer period of time because you will sometime or other forget who you are (get familiar with the command "whoami") and you will do something ill-considered thinking you are you when in fact you are root. Trust me. Sooner or later it will happen. All it takes is a `rm *` when you meant `rm ./*`, and you will be a believer.

What I frequently do, when I only want to execute one command as root, is to use `su -c "nameofcommand anditsoptions"`. This works also for editing configuration files. For example, you can do a `su -c "vim /etc/configuration.conf"', and the entire time that you are editing using vim, you are root. As soon as you exit vim, you are you again.
 
Old 12-10-2005, 06:50 PM   #5
KimVette
Senior Member
 
Registered: Dec 2004
Location: Lee, NH
Distribution: OpenSUSE, CentOS, RHEL
Posts: 1,794

Rep: Reputation: 46
Quote:
Originally Posted by st1cky_rice
Hi everyone,

Here's a pretty newbie question...so everyone says you shouldn't log in directly as root, or surf the internet as the sysadmin; instead you should open up a terminal (when in X-windows) as a normal user and use "su" if you want to perform sysadmin tasks.
Well, su doesn't stand for "super user" like many think, but for "substitute user" or "switch user"

su is used to impersonate another user. You can su to other user accounts as well; try it. Create accounts "foo" and "bar" on your system, then type:

su foo

or

su bar

And you will be logging in as those users.

Also, on many (most? all?) distributions, when you su to root, you normally do not inherit their full environment. If you want their full environment, e.g., run their login shell, inherit their environment variables, and so forth follow the su with a hyphen, as in:

`su -`

The difference is key and some enterprise-level server apps actually check for this and will fail to execute commands unless you actually have root's full environment. In some cases this is due to a lazy way of checking your permissions (e.g., Meeting Maker XP), and in others they're checking to make sure you really, really, really have permissions so that you don't make permament changes without knowing with 100% certainty that you are indeed root and really do intend to make those changes.
 
Old 12-11-2005, 02:12 AM   #6
AwesomeMachine
Senior Member
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora
Posts: 1,829

Rep: Reputation: 257Reputation: 257Reputation: 257
When I first started using linux I would keep a desktop session logged in as root. Then I got debian on another machine. I noticed it wouldn't even let root log in as desktop user. I investigated and found out kde as root very bad. I use su, and have for a long time. Root logins are capable of doing severe damage, like putting the wrong directory name for "rm -r directory". With a regular user login the system is protected from spurious deletions.
 
Old 12-11-2005, 04:24 AM   #7
reddazz
LQ Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 74
Quote:
Originally Posted by AwesomeMachine
When I first started using linux I would keep a desktop session logged in as root. Then I got debian on another machine. I noticed it wouldn't even let root log in as desktop user. I investigated and found out kde as root very bad. I use su, and have for a long time. Root logins are capable of doing severe damage, like putting the wrong directory name for "rm -r directory". With a regular user login the system is protected from spurious deletions.
I have done something similar to what you mentioned a few years ago. I was trying to delete a directory as root and ended up deleting /usr which obviously hosed my system and I had to reinstall. It wasn't a pleasant experience because I had to reconfigure the system exactly as it was before and this took precious time that I could have used for something else. now I am so careful when I switch to root.
 
Old 12-12-2005, 10:38 AM   #8
st1cky_rice
LQ Newbie
 
Registered: Dec 2005
Posts: 9

Original Poster
Rep: Reputation: 0
su vs. sudo

Thanks everyone for your advice. Hussar's suggestion of only "suing" the application you intend to use is really neat!

Here's another quick question: Is it true that "sudo" is somewhat less secure than "su"? Or it might be the other away around; I can't remember where I read that now...

I'm having a great time learning all this; You guys are making it fun

MH
 
Old 12-12-2005, 11:18 AM   #9
reddazz
LQ Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 74
Which one is safer "su" or "sudo" is debatable. I guess it depends on what privileges you give yourself using sudo. I believe Ubuntus way of using sudo is not safe at all because a cracker only needs one password and they can run any commands on the system.

Last edited by reddazz; 12-12-2005 at 12:50 PM.
 
Old 12-12-2005, 12:45 PM   #10
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
I agree with reddazz on the ubuntu-statement ...

Also one should bear in mind that sudo leaves an audit-trail,
while a user with the ability to su can always wipe his trails,
and remove .bash_history to his hearts content.

Personally I think that a sensible set of pre-defined commands
in /etc/sudoers is the most sensible thing to do.


Cheers,
Tink
 
Old 12-12-2005, 12:49 PM   #11
Cogar
Senior Member
 
Registered: Oct 2005
Location: It varies, but usually within 100 feet of a keyboard.
Distribution: Fedora 10, Kubuntu 8.04, Puppy 4.1.2, openSUSE 11.2
Posts: 1,126

Rep: Reputation: 51
Quote:
Originally Posted by reddazz
. . . .I believe Ubuntus way if using sudo is not safe at all because a cracker only needs one password and they can run any commands on the system.
That is my impression as well.
 
Old 12-12-2005, 03:55 PM   #12
jrdioko
Member
 
Registered: Oct 2002
Distribution: Debian 6.0.2 (squeeze)
Posts: 944

Rep: Reputation: 30
Quote:
Originally Posted by hussar
All it takes is a `rm *` when you meant `rm ./*`, and you will be a believer.
Hmm, do those two have different effects?
 
Old 12-12-2005, 07:54 PM   #13
reddazz
LQ Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 74
Quote:
Originally Posted by jrdioko
Hmm, do those two have different effects?
Code:
#rm -rf /*
Do that and you will surely kick yourself.
 
Old 12-12-2005, 07:57 PM   #14
reddazz
LQ Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 74
Quote:
Originally Posted by jrdioko
Hmm, do those two have different effects?
They have different effects but the most dangerous one is
Code:
#rm -rf /*
Do that and you will surely kick yourself.
 
Old 12-12-2005, 07:57 PM   #15
jrdioko
Member
 
Registered: Oct 2002
Distribution: Debian 6.0.2 (squeeze)
Posts: 944

Rep: Reputation: 30
Right, but "rm -rf *" and "rm -rf ./*" don't do anything different, do they?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
what is the difference between real root system and normal root system zameer_india Linux - Newbie 17 07-04-2012 01:18 PM
wrong login shell prevent root login cefs99 Linux - Security 4 05-31-2006 09:28 AM
swaret - difference between ROOT and REPOS_ROOT zulik Linux - Newbie 1 04-07-2004 07:21 AM
I have re-installed MK 9.2 but cannot login as user, login as root works. bobinglis Mandriva 2 02-22-2004 12:39 PM
can only login as root? user login doesnt work..? anyone? hacking_4_b33r Linux - General 1 02-06-2004 12:40 AM


All times are GMT -5. The time now is 10:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration