LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-16-2010, 01:09 PM   #76
snowpine
Senior Member
 
Registered: Feb 2009
Posts: 4,037

Rep: Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099Reputation: 1099

Quote:
Originally Posted by igadoter View Post
There are two hells in Linux. The first - the library dependencies, the second - permissions. The root account is used for escape from the second hell.
Do you honestly believe that permissions cannot be changed with 'sudo'?

https://help.ubuntu.com/community/FilePermissions

Quote:
To change or edit files that are owned by root, sudo must be used - please see RootSudo for details.
To clarify, I have nothing against using the root account (I do it myself all the time on non-Ubuntu distros) or against what Sumguy is trying to accomplish. However, I think it is irresponsible to spread the notion on a "Linux - Newbie" forum that all Ubuntu users must enable the root password to gain control of their system... that's just wrong!

Last edited by snowpine; 07-16-2010 at 01:51 PM.
 
1 members found this post helpful.
Old 07-16-2010, 01:26 PM   #77
diamondsandrain
Member
 
Registered: Oct 2009
Location: Canada
Distribution: Gentoo, Slackware, Arch
Posts: 97

Rep: Reputation: 21
Quote:
Originally Posted by Sumguy View Post
That is what I thought- I had heard that trojans weren't an issue in LINUX, but then I see people here saying that if I log in as root, I will be more succeptable to trojans. (I'm beginning to think that some of the guys are trying to have some fun with the newbie...like when a mechanic tells a person who is clue;ess about cars that they're low on blinker fluid!)

Ladies and gentlemen, I am logged in as root! (and yet I continue to live!)
But have you also considered that trojans aren't really an issue in Linux because most of the people that use Linux are very security conscious.

Also, there seems to have been a fundamental disconnect in this issue. I su to root just like that when I need to do something that requires elevated privileges. Its just a root shell in a command line environment. I don't see anything wrong with that as long as it is used with discretion and only when necessary.

What is questionable is the idea of logging into your graphical environment using root. The actual login prompt that you get when you start your computer. I believe at one time or another (maybe it is still the case) some distributions actually changed the background to red just to warn you of what you were doing.
 
Old 07-16-2010, 01:34 PM   #78
Sumguy
Member
 
Registered: Jul 2010
Location: Rural Kentucky, USA.
Distribution: Slackware; Crunchbang.
Posts: 409
Blog Entries: 2

Original Poster
Rep: Reputation: 98
I think I'm getting this figured out: I can use "su" to log on as root, and then when I exit the terminal, I am automatically switched back to just plain old administrative user. Excellent!

Now I'm satisfied- I know it's there when I need it...but don't have to permanently log on as root.

This is the most I've learned since switching to Ubuntu! This thread has been very helpful- and thanks again to you all.

I'm getting really comfortable with this Ubuntu now- it almost feels like I know what I'm doing!
 
Old 07-16-2010, 01:38 PM   #79
diamondsandrain
Member
 
Registered: Oct 2009
Location: Canada
Distribution: Gentoo, Slackware, Arch
Posts: 97

Rep: Reputation: 21
Sort of, you are actually still using the limited account. That is, if you try to run something in the graphical environment that requires elevated privileges you will still get a prompt.The only thing that actually has the root access is the command line prompt. Still though, if you know the command line name of something like the update manager then you could type that command into the prompt and it would be run as the elevated user.
 
Old 07-16-2010, 01:42 PM   #80
Sumguy
Member
 
Registered: Jul 2010
Location: Rural Kentucky, USA.
Distribution: Slackware; Crunchbang.
Posts: 409
Blog Entries: 2

Original Poster
Rep: Reputation: 98
Quote:
Originally Posted by diamondsandrain View Post
But have you also considered that trojans aren't really an issue in Linux because most of the people that use Linux are very security conscious.
I thought Windows users were the most paranoid and security-conscious, because the majority of hackers and scammers out there are gunning for them, since that is the most popular OS?

Quote:
Originally Posted by diamondsandrain View Post
Also, there seems to have been a fundamental disconnect in this issue. I su to root just like that when I need to do something that requires elevated privileges. Its just a root shell in a command line environment. I don't see anything wrong with that as long as it is used with discretion and only when necessary.

What is questionable is the idea of logging into your graphical environment using root. The actual login prompt that you get when you start your computer. I believe at one time or another (maybe it is still the case) some distributions actually changed the background to red just to warn you of what you were doing.
NOW I understand (see my post, above)- and I fully agree with you here. I can see that there is no reason to stay permanently logged in as root- and having access to it at any time through su is just fine.

See, the words of you nay-sayers have taken root (pun intended) in me- as when I was in root through su, my first instinct was to get out of root!

This has been a great learning experience- and I'm glad that I found this forum. Nothing beats ghearing multiple opinions and getting real answers to questions.
 
Old 07-16-2010, 01:52 PM   #81
diamondsandrain
Member
 
Registered: Oct 2009
Location: Canada
Distribution: Gentoo, Slackware, Arch
Posts: 97

Rep: Reputation: 21
Quote:
Originally Posted by Sumguy View Post
I thought Windows users were the most paranoid and security-conscious, because the majority of hackers and scammers out there are gunning for them, since that is the most popular OS?
Yes that is true. Although, I'm sure some people may also target Linux because it is more of a challenge. Defeating the security of the average windows user is almost too easy at times.

Have you heard of buffer overflows? I believe that was a problem in Windows, but it was quite the hot security topic in Linux quite a few years ago too. At one point almost every security patch seemed to be to stop a buffer overflow. No user interaction needed, just an open port connected to a vulnerable daemon.
 
Old 07-16-2010, 02:41 PM   #82
Sumguy
Member
 
Registered: Jul 2010
Location: Rural Kentucky, USA.
Distribution: Slackware; Crunchbang.
Posts: 409
Blog Entries: 2

Original Poster
Rep: Reputation: 98
@Diamondsandrain: No, I never did hear of the buffer overloads.

To me, one of the scariest security risks are keyloggers- and I'd imagine that they could be intalled on LINUX, no?

I guess I take a different approach towards security- for instance, one thing I've always done (and which I feel should be standard protocol for everyone) is not put my real name on the computer- not even my first name. The way I look at it, the minute you put your name on the system, you've compromised your security.

Just about anything anyone could get off of my computer is useless without knowing who it belongs to- so in that regard, I think the only thing to really fear are keyloggers. That and the malicious stuff which destroys your system of course. But the type of sites I visit are not high-risk, and of course I don't open attachments unless I know what they are. I may be too cocky for my own good...but I feel that if I kept safe in Windows all these years while ignoring antivirus and security patches and updates....I should think that I'd be O-K in LINUX (not that it couldn't happen though- if the Pentagon computer can be hacked...anyone's can be....but I believe that I'm pretty low on the totem pole when it comes to being hacked)

Funny thing too- it seems that all my friends and acquaintances who were always meticulous about updating and patches and antivirus...they were always the ones who had problems and got viruses, etc.
 
Old 07-16-2010, 03:35 PM   #83
diamondsandrain
Member
 
Registered: Oct 2009
Location: Canada
Distribution: Gentoo, Slackware, Arch
Posts: 97

Rep: Reputation: 21
Quote:
Originally Posted by Sumguy View Post
@Diamondsandrain: No, I never did hear of the buffer overloads.

To me, one of the scariest security risks are keyloggers- and I'd imagine that they could be intalled on LINUX, no?
I imagine that you could get a keylogger in Linux. Really though, in all the years I've been using Linux I've never encountered something happening with my system that would indicate some sort of compromise.

Well, because of the lack of user interaction, if you could just scan the web for specific open ports and automate an attack. If the machine was vulnerable supposedly it would be rooted and added to the group of machines that were scanning the web looking for machines to attack. The network of machines would grow and grow maybe later being used for some malicious purpose. All automated. Not having clicked anything you could be completely unaware that something was wrong.

What comes to mind for me is the old IIS vs Apache web server. Yes, I realize that is more of a server issue, but it does illustrate the point. IIS was the better target because the security ecosystem was not good. Apache is quite widely used but didn't have so many problems. Why? Because they as soon as they discovered a vulnerability they went to work and released a patch very quickly. The users in turn installed those patches in a timely fashion.

That was probably in the late 90's/early 2000's. Security wasn't a word that Microsoft knew the meaning of at the time.

But I am going on and on about this and most likely getting off topic. :P

From the things you've said though you seem to be pretty careful about what you do. I'm sure you'll be fine.
 
Old 07-16-2010, 04:08 PM   #84
bruceleejr
Member
 
Registered: Oct 2009
Posts: 31

Rep: Reputation: 16
Quote:
Originally Posted by Sumguy View Post
...but I feel that if I kept safe in Windows all these years while ignoring antivirus and security patches and updates....I should think that I'd be O-K in LINUX (not that it couldn't happen though- if the Pentagon computer can be hacked...anyone's can be....but I believe that I'm pretty low on the totem pole when it comes to being hacked)

Funny thing too- it seems that all my friends and acquaintances who were always meticulous about updating and patches and antivirus...they were always the ones who had problems and got viruses, etc.
Dude, first I wanna say... sorry that you didn't get the answer &faster than you wanted... I cannot believe they were trying to force you to NOT be able to login as root lol

I mean I can see they were giving suggestions, but they were actually forcing you, i was like "wthel~?? just give him the damn answer~!!" after reading all the posts LOL

I am the exact same way as you... I never EVER updated or had ANYTHING other than the basic windows firewall on Windows XP~!! I got 1 virus in the 6-7 years I have used it because I was being stupid and downloading a bunch of pirated movies so I can burn them because I had to leave lol

Windows XP was the safest for me & now that I'm over to Linux.. shoot I should be 99% safer now lol

Even me, I am a newbie and whenever I ask questions they are like "zomg dont do it~!!" "l33t h@cks~!!" "WHY" "its possible BUT" and they dance around your freakn questions lmao and i'm like " just give me the freakn straight answer, i just installed linux, i dont care if i break it, i dont have any important files on it, its brand-spankin-new... let me play with it~!!" but then i get "WHY" "l33t h@cks~!!" etc etc

So that is why I post my question on MULTIPLE linux forums. And in all of them I get DIFFERENT answers for the same exact question, because some people will give it, some wont, some will dance around it, and only 1 person will actually give it

It kinda sucks because in the Linux world, you will have to dig and dig until you find the answer whereas on Winblows, answers are everywhere
 
Old 07-16-2010, 04:09 PM   #85
MTK358
LQ 5k Club
 
Registered: Sep 2009
Posts: 6,443
Blog Entries: 3

Rep: Reputation: 720Reputation: 720Reputation: 720Reputation: 720Reputation: 720Reputation: 720Reputation: 720
I don't understand.
 
Old 07-16-2010, 04:55 PM   #86
Sumguy
Member
 
Registered: Jul 2010
Location: Rural Kentucky, USA.
Distribution: Slackware; Crunchbang.
Posts: 409
Blog Entries: 2

Original Poster
Rep: Reputation: 98
Quote:
Originally Posted by diamondsandrain View Post
From the things you've said though you seem to be pretty careful about what you do. I'm sure you'll be fine.
Thanks. I think also one of the things that makes me less of a target, is the fact that I really don't do anything "mainstream"- I mean, if I were inclined to download the latest rap song [shudder] on Frostwire [Hurray! Frostwire works on LINUX!] I guess I'd be 100x more vulnerable than I am downloading a Bunny Berigan song from the 1930's.....


Quote:
Originally Posted by bruceleejr View Post
Dude, first I wanna say... sorry that you didn't get the answer &faster than you wanted... I cannot believe they were trying to force you to NOT be able to login as root lol

I mean I can see they were giving suggestions, but they were actually forcing you, i was like "wthel~?? just give him the damn answer~!!" after reading all the posts LOL

I am the exact same way as you... I never EVER updated or had ANYTHING other than the basic windows firewall on Windows XP~!! I got 1 virus in the 6-7 years I have used it because I was being stupid and downloading a bunch of pirated movies so I can burn them because I had to leave lol

Windows XP was the safest for me & now that I'm over to Linux.. shoot I should be 99% safer now lol

Even me, I am a newbie and whenever I ask questions they are like "zomg dont do it~!!" "l33t h@cks~!!" "WHY" "its possible BUT" and they dance around your freakn questions lmao and i'm like " just give me the freakn straight answer, i just installed linux, i dont care if i break it, i dont have any important files on it, its brand-spankin-new... let me play with it~!!" but then i get "WHY" "l33t h@cks~!!" etc etc

So that is why I post my question on MULTIPLE linux forums. And in all of them I get DIFFERENT answers for the same exact question, because some people will give it, some wont, some will dance around it, and only 1 person will actually give it

It kinda sucks because in the Linux world, you will have to dig and dig until you find the answer whereas on Winblows, answers are everywhere
Wow! That's the first time I've been called "Dude" since I lived in California for a year in the 80's!

Hey, ya know though, it's O-K.... I did end up getting the answer...and I learnt a lot along the way- so I'm a happy camper. A few of the guys pretty much gave me the answer early on, but I was not quite ready to try it out then and didn't really "hear" what they were saying. Then Igadoter came along just at the right time, and his post "spoke to me".

But I'm with you- my foray into LINUX at this point is just an experiment and I really installed it just with the idea in mind of being somewthing to try and to play with. Of course, I already consider the experiment a success, and now consider this my primary OS...but like you say, if it crashes and burns, it's not the end of the world....just a small inconvenience. (Plus, for me, the best way to learn something like this is by experimenting and hands-on trial and error, just like i did with Windows- I find reading software manuals very boring- I'd rather spend an hour reinstalling and reconfiguring, than 100 hours reading the manual)
 
Old 07-16-2010, 05:09 PM   #87
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 12,541
Blog Entries: 23

Rep: Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943Reputation: 1943
Hi,

Quote:
Originally Posted by igadoter View Post
@Sumguy

Did you set a password? Open terminal and issue
$su
at the prompt insert the root password. (su stands for super user - everyone wants to be super)
In actuality it stands for 'substitute user' or sometimes 'switch user;
Quote:
excerpt from 'man su';
su - run a shell with substitute user and group IDs SYNOPSIS

su [OPTION]... [-] [USER [ARG]...] DESCRIPTION

Change the effective user id and group id to that of USER.
-, -l, --login make the shell a login shell -c, --commmand=COMMAND pass a single COMMAND to the shell with -c -f, --fast pass -f to the shell (for csh or tcsh) -m, --preserve-environment do not reset environment variables -p same as -m -s, --shell=SHELL run SHELL if /etc/shells allows it --help display this help and exit --version output version information and exit A mere - implies -l. If USER not given, assume root.
AUTHOR

Written by David MacKenzie. REPORTING BUGS

Report bugs to <bug-coreutils@gnu.org>. COPYRIGHT

Copyright © 2004 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. SEE ALSO

The full documentation for su is maintained as a Texinfo manual. If the info and su programs are properly installed at your site, the command
info coreutils su should give you access to the complete manual.
Most people feels that the 'sudo' is for superuser only but it's actually for executing commands as another user. Generally this is for super user/root as long as the sudoer file is setup properly for either usage as root or another user.

Quote:
excerpt from 'man sudo';
NAME

sudo - execute a command as another user SYNOPSIS

sudo -V | -h | -l | -L | -v | -k | -K | -s | [ -H ] [-P ] [-S ] [ -b ] | [ -p prompt ] [ -c class|- ] [ -a auth_type ] [-r role ] [-t type ] [ -u username|#uid ] command DESCRIPTION

sudo allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file. The real and effective uid and gid are set to match those of the target user as specified in the passwd file (the group vector is also initialized when the target user is not root). By default, sudo requires that users authenticate themselves with a password (NOTE: by default this is the user's password, not the root password). Once a user has been authenticated, a timestamp is updated and the user may then use sudo without a password for a short period of time ( 5
minutes unless overridden in sudoers). sudo determines who is an authorized user by consulting the file /etc/sudoers. By giving sudo the -v flag a user can update the time stamp without running a command. The password prompt itself will also time out if the user's password is not entered within 5
minutes (unless overridden via sudoers).
If a user who is not listed in the sudoers file tries to run a command via sudo, mail is sent to the proper authorities, as defined at configure time or the sudoers file (defaults to root). Note that the mail will not be sent if an unauthorized user tries to run sudo with the -l or -v flags. This allows users to determine for themselves whether or not they are allowed to use sudo.
sudo can log both successful and unsuccessful attempts (as well as errors) to syslog(3), a log file, or both. By default sudo will log via syslog(3) but this is changeable at configure time or via the sudoers file.
OPTIONS
 
Old 07-16-2010, 05:30 PM   #88
bruceleejr
Member
 
Registered: Oct 2009
Posts: 31

Rep: Reputation: 16
Quote:
Originally Posted by Sumguy View Post
Thanks. I think also one of the things that makes me less of a target, is the fact that I really don't do anything "mainstream"- I mean, if I were inclined to download the latest rap song [shudder] on Frostwire [Hurray! Frostwire works on LINUX!] I guess I'd be 100x more vulnerable than I am downloading a Bunny Berigan song from the 1930's.....




Wow! That's the first time I've been called "Dude" since I lived in California for a year in the 80's!

Hey, ya know though, it's O-K.... I did end up getting the answer...and I learnt a lot along the way- so I'm a happy camper. A few of the guys pretty much gave me the answer early on, but I was not quite ready to try it out then and didn't really "hear" what they were saying. Then Igadoter came along just at the right time, and his post "spoke to me".

But I'm with you- my foray into LINUX at this point is just an experiment and I really installed it just with the idea in mind of being somewthing to try and to play with. Of course, I already consider the experiment a success, and now consider this my primary OS...but like you say, if it crashes and burns, it's not the end of the world....just a small inconvenience. (Plus, for me, the best way to learn something like this is by experimenting and hands-on trial and error, just like i did with Windows- I find reading software manuals very boring- I'd rather spend an hour reinstalling and reconfiguring, than 100 hours reading the manual)
LOL i live in AZ, Calis next door neighbor so we got alot of influences haha

and for the rest of the stuff, yup~!! i agree
 
Old 07-16-2010, 08:09 PM   #89
diamondsandrain
Member
 
Registered: Oct 2009
Location: Canada
Distribution: Gentoo, Slackware, Arch
Posts: 97

Rep: Reputation: 21
Quote:
Originally Posted by Sumguy View Post
Hey, ya know though, it's O-K.... I did end up getting the answer...and I learnt a lot along the way- so I'm a happy camper.
Glad to see that you were happy with the response. As has been suggested to me previously, it is a good idea to go back and mark the thread as solved. It helps out others who may be searching for similar issues. Thread Tools is what to look for. Its been awhile though so I couldn't be more specific than that.
 
Old 07-16-2010, 09:06 PM   #90
GlennsPref
Senior Member
 
Registered: Apr 2004
Location: Brisbane, Australia
Posts: 3,366
Blog Entries: 33

Rep: Reputation: 216Reputation: 216Reputation: 216
su stands for "Substitute User".

If you don't add a user name it switches user to root.

so, we may issue
Code:
su glenn
to substitute the current user account to glenn.

or
Code:
su guest
, to switch to the guest users account.

type
Code:
exit
to return to the logged-in account.

Regards Glenn

ps, onebuck has the reference...
I should have read your post.

Last edited by GlennsPref; 07-16-2010 at 09:12 PM. Reason: onebuck has the reference
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Prompts password for squid using NTLM tanveer Linux - Server 3 06-24-2013 02:36 AM
Firefox (Iceweasel): two password prompts? z-vet Linux - Desktop 2 08-20-2009 02:19 PM
(Samba 3.0.20) Vista prompts for username, XP prompts just for password Noffie Linux - Server 2 07-21-2008 11:26 AM
KNetworkManager always prompts for password twice TechnoJunky Linux - Networking 2 02-03-2008 05:40 PM
passwd prompts for new password only once when a short password is entered powah Linux - Security 0 09-19-2007 05:20 PM


All times are GMT -5. The time now is 04:43 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration