LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-25-2006, 06:12 PM   #1
StoneAgeMoron
LQ Newbie
 
Registered: Mar 2006
Location: San Diego, California
Posts: 10

Rep: Reputation: 0
Linux newbie, I don't understand sys. admin. or security.


I am new to Linux (< 1 month.) I WAS A MACINTOSH CLASSIC OS USER, I HAVE NEVER OWNED, OR EXTENSIVELY USED, MS WINDOWS. I have also never used Mac OS-X.

I don't understand Linux's "security" and "system administration" features as they apply to a SINGLE-USER, HOME COMPUTER system. Why are these necessary, or even desirable in this instance?

Why are there so many roadblocks in Linux to doing things that were easy in Mac OS? (I have no desire to learn the command line, I'm running a single-user home computer, not a thousand-user super computer system for a giant corporation that can afford specialists to do these arcane things for them.)

If access to any task available in any given operating system is so dangerous, why didn't I ever mess up my Mac? Put the other way around, I don't understand WHY something simple to do in Mac OS is considered so dangerous in Linux.

In another forum, it was suggested that I always log in as root --whatever that means -- to avoid some complexity. Since I understand this eliminates some of the default security features I don't understand, this sounds like a good idea to me. Are there any other ways to streamline Linux?

I pose these questions seriously, and have tried not to editorialize in posing them.

Thanks in advance for your input.
 
Old 03-25-2006, 06:25 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by StoneAgeMoron
it was suggested that I always log in as root
might as well use windows 95 then...

seriously, though: do you have some kinda specific question?? your post kinda feels like venting... yes, logging in as root for everyting is one of the worst things you can do on linux, and it's one of the first mistakes linux newcomers make... as for the command line thing, well, there's some distros that have tried to make things as GUI-ish as possible, but still, linux has the CLI in it's DNA so you'll probably need to deal with it in one way or another...
 
Old 03-25-2006, 06:31 PM   #3
paulsm4
Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
I appreciate your consternation - but there are indeed valid reasons for creating "less privileged" users and deliberately using "root" (in *nix, or "Administrator", in Windows) as LITTLE as possible.

A great book - highly recommended: "Know Your Enemy" (I bought it a couple of years ago; I believe there's a second edition out by now):
Quote:
... A random computer on the Internet is scanned dozens of times a day. The life expectency, or the time before someone successfully hacks, a default installation of Red Hat 6.2 server is less than 72 hours. A common home user setup, with Windows 98 and file sharing enabled, was hacked fice times in four days. Systems are subjected to NetBIOS scans an average of 17 times a day. And the fastest time for a server being hacked: 15 minutes after plugging it into the network.
Security from Bad Guys on the Internet is one compelling reason for running under the lowest privilege that's convenient. Security from your 12 year old playing Runescape - or from yourself accidentally doing an "rm -f /" are two others.

Bottom line: if your OS is flexible and sophisticated enough to have some kind of "logon", then it's also probably complex and vulnerable enough to be at risk if you don't adhere to some notion of "least privilege". Just consider creating a "normal user logon" as part/parcel of having a modern PC (Linux, Windows or Mac OS X) and move on. Trust me - you'll ultimately be much happier because of it!

IMHO .. PSM

PS:
Whoever suggested logging in as root was flat-out wrong. That's, frankly, a problem with forums like this, Wiki's, Blogs and much of today's "Web 2.0": anybody can pretty much say anything (just so long as they don't post a copyrighted .mp3 or try to play a DVD under Linux ;-)).

So you've got to take everything with a grain of salt (or, as Tanenbaum liked to say, "perhaps with a metric ton of salt").

Including what I just said.

The Epimenedes Paradox for the Digital age, I guess ;-)

Last edited by paulsm4; 03-25-2006 at 06:37 PM.
 
Old 03-25-2006, 06:54 PM   #4
reddazz
Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 73
Maybe Linux is not for you if you find it so frustrating. Why not use MacOS if you feel that its a lot friendlier than Linux. Linux was designed as a multi user OS right from the start so its security model is meant to protect users from each other as well as the admin from doing damage to the system. You cannot change this model to suite you just because you are the only one using your system. If running as a normal user is difficult for you, why not run as root at the risk of circumventing security or use a distro such as Linspire that runs as admin by default. Personally I think that that even if you are the only user, its not a good thing to run as root by default because you can make errors that can damage your system or your system can be cracked and malicius damage done by outsiders. Running as admin is one reason why its so easy for Windows to be cracked. Personally, I don't have to login to my root account very often once I have setup the system as I want.

The command line is also an essential part of Linux just like Unix, so its there to stay because there are many things that you can't do with a GUI that can be done in the command line. If you find entering commands frustrating, why not use a desktop environment such as GNOME or KDE. There are point and click distros such as Linspire and Xandros which anyone can use without much knowledge about the underlying OS. The only problem is that if the gui mulfunctions, you may have to reinstall whereas someone with knowledge of the command line can easily fix it. The command line is so important that even MacOS X has it for those that wish to use it.

Last edited by reddazz; 03-25-2006 at 08:00 PM.
 
Old 03-25-2006, 07:06 PM   #5
Robhogg
Member
 
Registered: Sep 2004
Location: Old York, North Yorks.
Distribution: Debian 7 (mainly)
Posts: 653

Rep: Reputation: 85
Quote:
Originally Posted by StoneAgeMoron
In another forum, it was suggested that I always log in as root --whatever that means -- to avoid some complexity. Since I understand this eliminates some of the default security features I don't understand, this sounds like a good idea to me...
It's worth pointing out that Apple felt the need to move from OS9 to OSX and that in the newer OS root user is disabled by default. This is for a good reason - if you are logged in as root, any command executed, any program run, is done with root privileges (including trojans, spyware, etc if someone can trick you into running them). After understanding this, I never log in as root, instead using su and sudo to temporarily gain root privileges when I need them.

Rob
 
Old 03-25-2006, 07:11 PM   #6
KimVette
Senior Member
 
Registered: Dec 2004
Location: Lee, NH
Distribution: OpenSUSE, CentOS, RHEL
Posts: 1,794

Rep: Reputation: 46
StoneAgeMoron,

Please don't take this the wrong way, but you really need to RTFM. These questions are so basic that it'd require basically recreation (or reposting) of existing FAQs and tutorials which are already available here and elsewhere.

Just googled, third hit on "unix security tutorial" is:

http://www.ee.surrey.ac.uk/Teaching/Unix/unixintro.html

That should put you in the right direction in your first steps toward enlightenment!

Last edited by KimVette; 03-25-2006 at 07:21 PM.
 
Old 03-25-2006, 07:56 PM   #7
2damncommon
Senior Member
 
Registered: Feb 2003
Location: Calif, USA
Distribution: Debian Wheezy
Posts: 2,839

Rep: Reputation: 48
Learn about the features and use them how you want.
Quote:
...Linux's "security" and "system administration" features...
Such as...
Quote:
...roadblocks in Linux to doing things...
Such as...
Quote:
...something simple to do...
Such as...
Quote:
...it was suggested that I always log in as root...
It is generally discouraged but you are free to do as you choose.
One reason for starting with a boxed edition of Linux is that they usually have a good user's guide included. That is a good place to start.
 
Old 03-26-2006, 09:28 AM   #8
hagen00
LQ Newbie
 
Registered: May 2005
Distribution: Debian Sarge, Ubuntu Dapper
Posts: 14

Rep: Reputation: 0
Not sure what distribution you're using, but for your purposes i'd recommend Ubuntu. They are trying to make it as easy to use as possible for the end user. Ubuntu is also pretty secure out of the box. You won't have to worry about security much at all.

I find some of the posts here rather unfortunate. That's exactly why Linux has such a small following. Use Ubuntu and post on the Ubuntu forums (ubuntuforums.org/index.php). The lot there are extremely helpful and very friendly.
 
Old 03-26-2006, 11:02 AM   #9
reddazz
Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 73
Quote:
I find some of the posts here rather unfortunate. That's exactly why Linux has such a small following. Use Ubuntu and post on the Ubuntu forums (ubuntuforums.org/index.php). The lot there are extremely helpful and very friendly.
Read other posts by the user and you will figure out why there is such a negative response to this thread.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Sys Admin Scenarios logicalfuzz Linux - Certification 0 11-16-2005 10:49 PM
Sys/Net Admin Stuff ankursaxena Linux - Newbie 1 03-15-2005 05:38 PM
Looking for a Linux Sys Admin ftbaccounts Linux - Certification 1 02-08-2005 12:11 PM
good linux sys admin book tyler_durden Linux - Security 1 11-19-2001 02:35 AM
Linux Sys Admin smurphy Linux - General 2 07-31-2001 07:05 AM


All times are GMT -5. The time now is 03:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration