LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 04-16-2003, 05:45 PM   #1
Crickit
Member
 
Registered: Apr 2003
Location: A whole lot of nowhere.
Distribution: Mandrake 9.1
Posts: 58

Rep: Reputation: 15
Is root really that bad?


What are the real dangers of logging in as root? I realize there is the risk of deleting files that are important, but is it that easy to do? The user would still have to click on the file and press delete, right? Or is it even easier than that?

Are there things that can happen to the system that you wouldn't notice while you're logged in as root? For example, I saw a post on this board once where someone said logging in as root all the time could corrupt your modules, and you would then need to fix them. Would this happen by user error (ie: the user directly corrupting the modules), or from system error?

I guess all I'm wondering is, is logging in as root all the time really such a bad thing to do?
 
Old 04-16-2003, 05:54 PM   #2
Proud
Senior Member
 
Registered: Dec 2002
Location: England
Distribution: Used to use Mandrake/Mandriva
Posts: 2,794

Rep: Reputation: 116Reputation: 116
The point is there should be no need to. You should be able to set up your system securely so that you can use an everyday account for... everyday things, and then use root to change your setup or install things. Using root constantly is a security risk, and why risk it?
 
Old 04-16-2003, 05:59 PM   #3
Crickit
Member
 
Registered: Apr 2003
Location: A whole lot of nowhere.
Distribution: Mandrake 9.1
Posts: 58

Original Poster
Rep: Reputation: 15
I have no problem using another user account instead of root all the time. But I am experimenting a lot with Linux right now, and it gets annoying when I have to type in the root password all the time for installations and configuration changes. Its also a pain when I can't use Konquerer to move files, etc, because there is no way of gaining root access from it. I always have to use the command line.

I'm just learning how to set up priveleges and such, but Windows does seem easier (probably unsecure) in this regard.
 
Old 04-16-2003, 05:59 PM   #4
wapcaplet
Guru
 
Registered: Feb 2003
Location: Colorado Springs, CO
Distribution: Gentoo
Posts: 2,018

Rep: Reputation: 48
Being root all the time is like walking around in a giant Japanese robot suit all the time. You always gotta be careful where you step, or you might accidentally squish your hello kitty-cat or something.

The point is, it's way more power than you really need for day-to-day activities. Don't get into the giant robot suit unless you need to do some heavy lifting, or blow up some tall buildings.

Last edited by wapcaplet; 04-16-2003 at 06:02 PM.
 
Old 04-16-2003, 06:03 PM   #5
wr3ck3d
Member
 
Registered: Dec 2002
Location: IL
Distribution: NetBSD, Slackware, Gentoo, Debian, FreeBSD
Posts: 444

Rep: Reputation: 31
to use konqueror as root there are 2 ways

kdesu konqueror

#konqueror

just open one of those up, leave it open on desktop 4 and now all you need to do is change desktops to do stuff.

Last edited by wr3ck3d; 04-16-2003 at 06:04 PM.
 
Old 04-16-2003, 06:05 PM   #6
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
yes it's a bad thing to do. You don't _need_ to be root to do the normal day to day tasks of whatever it is you do so why take the risk?

To put it another way - the old miners who used dynamite to blast away rock faces didn't carry it around with them all day. They only took it out when they needed it. You should treat root priveleges the same way.
 
Old 04-16-2003, 06:08 PM   #7
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
man i sure do type slow today...

More than that, I really want one of those giant robot suits.

Last edited by mcleodnine; 04-16-2003 at 06:09 PM.
 
Old 04-16-2003, 07:02 PM   #8
deckmoney
LQ Newbie
 
Registered: Apr 2003
Distribution: Mandrake 9.1
Posts: 20

Rep: Reputation: 0
I can understand his point about running as root to first set things up, but I find it easier to just "su -", install a crapload of programs, and then "exit" the su command. Much more secure this way as well.

Mandrake 9.1 doesn't even allow "root" to login from the command line; the first time I rebooted I tried to login and it wouldn't accept my password. I thought I had mistyped my root password during setup and would have to reset it, but I figured out that my normal account worked just fine. According to someone at Mandrake Expert, they don't allow logging in as root (at least not after the first reboot,), claiming things are more secure this way, yet I seem to remember an option to have "No Password" for my root account...yeah, real secure!
 
Old 04-16-2003, 08:07 PM   #9
ranger_nemo
Senior Member
 
Registered: Feb 2003
Location: N'rn WI -- USA
Distribution: Kubuntu 8.04, ClarkConnect 4
Posts: 1,142

Rep: Reputation: 47
Not only can you mess up your own system, you can accidently run malicious programs that then have root permission. Such programs can can get out to the network / internet and be used by others to run attacks against third-party systems from your system and IP.
 
Old 04-16-2003, 10:45 PM   #10
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
Quote:
Being root all the time is like walking around in a giant Japanese robot suit all the time.
ROFL.

Thanks, I really needed that.

As for root, why are you moving root-only stuff in konqueror anyway...? And the general idea is worst case scenario: you _don't_ know what could happen and that's why you don't run root. Not because you know modules could be destroyed (I don't know how they came up wih this one) or because you can accidently delete stuff, etc. Because in this case, we would just alias rm to 'echo' and find solutions for other warnings. But we would not be off the hook - the only way to plan for the unexpected is to limit yourself enough, it just couldn't physically happen. This same idea is applied in other security fiels, such as firewalls (drop ALL, allow Some).
 
Old 04-17-2003, 12:14 AM   #11
2damncommon
Senior Member
 
Registered: Feb 2003
Location: Calif, USA
Distribution: Debian Wheezy
Posts: 2,838

Rep: Reputation: 48
Quote:
I guess all I'm wondering is, is logging in as root all the time really such a bad thing to do?
No. It's good.
Let us know how it works out for you.
 
Old 04-17-2003, 12:30 AM   #12
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
Quote:
No. It's good.
Let us know how it works out for you.
Maybe even setup apache and host a internet diary of your experiences. A simple filter and redirection of /var/log/messages may even do....just something that says "Boom! Game over!" at the crucial moment.

Hey, maybe we can even have a contest ...who can run root the longest w/o permanently thrashing their computer...
; )
 
Old 04-17-2003, 12:44 AM   #13
2damncommon
Senior Member
 
Registered: Feb 2003
Location: Calif, USA
Distribution: Debian Wheezy
Posts: 2,838

Rep: Reputation: 48
Quote:
Hey, maybe we can even have a contest ...who can run root the longest w/o permanently thrashing their computer...
LOL
That's a great idea!!!
 
Old 04-17-2003, 02:32 AM   #14
whansard
Senior Member
 
Registered: Dec 2002
Location: Mosquitoville
Distribution: RH 6.2, Gen2, Knoppix, 98,2000 + various
Posts: 3,171

Rep: Reputation: 51
i run as root all the time, but i don't like to admit it.
i have more than once accidently deleted almost everything
on my drive. i tried running as a normal user, but
running su all the time was taking up too much time.
all i do is install and move and delete files, and
constantly mount and unmount drives and partitions.
its just a personal use machine though. web browsing
is the only thing i do that doesn't require root. i
specifically remember one time i was deleting the
files in a directory, and accidently hit c then enter
right before rm -r *. i have a macro for c this does
cd .. ; ls --color -l -s or something similar to that,
and i was waiting, wondering why it was taking so long.
when i was running as a normal user, i basically
would keep going out to the bash prompt, and typing
a command, then it would say "you do not have permission", then i would su, password, and run it
again. i decided it wasn't doing me any good to
try to run as a normal user, since i spent all my time
su ing. i spent years in dos with the freedom to
delete things by accident, so i guess i'm used to it.
i spent 2 years running as root, then 2 weeks trying
as a normal user, then i've been root since for 5 years.
i spent the past 2 days messing up everything with
upx, and i had to restore from backups to get everything
to boot again. i messed up win98, windows 2000 and
my redhat. i backup often with the expectation that
i will need to restore often, and i do.
i've tried adding some read only files in my root
directory, so if i typed rm -r from there, it would at
least stop and ask me, and i would realize my mistake,
but i failed in that quest.
 
Old 04-17-2003, 02:45 AM   #15
2damncommon
Senior Member
 
Registered: Feb 2003
Location: Calif, USA
Distribution: Debian Wheezy
Posts: 2,838

Rep: Reputation: 48
Quote:
running su all the time was taking up too much time.
Leave a terminal open su'd to root.
CTL-ALT-Fx (F1,F2,F3...) logged as root.
Using 'su' is much cleaner than "running as root" all the time. It is a little annoying to learn enough to do it well.
It is your computer and "do as thou wilt is the whole of the law".
You could always switch user ('su') to a normal user from root.
su normaluser
mozilla


Edit: Almost forgot - Ctl-Alt-F7 to return to X.

Last edited by 2damncommon; 04-17-2003 at 02:55 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fonts ok as root, but bad as user BroX Debian 11 11-01-2004 03:30 AM
Bad blocks on /root partition sarysa Linux - Newbie 2 10-26-2004 03:17 PM
running as root is bad because?... breezewax Linux - Security 4 10-09-2004 05:00 PM
Bad root shell Tyraziel Linux - General 2 04-08-2004 10:08 AM
is running root bad??? zetsui Linux - Security 1 06-23-2003 02:30 AM


All times are GMT -5. The time now is 09:33 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration