UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Ubuntu 12.04 LTS, Kubuntu 12.04 LTS, Scientific Linux 6.3
Posts: 97
Rep:
Quote:
Originally Posted by snowpine
There's no reason to run firefox, evolution, rhythmbox, libreoffice, etc. as root (which is what would happen if hypothetically you were to enable full GUI root login).
How do you know that would happen? Yes, I'm sure that there would be some users who would, but then we all learn from our mistakes, right? Was it really such a problem that the old paradigm had to be changed? Coming back to Linux after being away for a few years, I find this new philosophy hard to swallow.
If you log into the GUI as the root user account, then every application you launch is automatically launched as root: web browser, office suite, media player, email client, the little clock in the corner of the screen, etc.
Since running non-system tasks as root is unnecessary and dangerous, most distributions prohibit GUI root login in their default security settings.
Distribution: Ubuntu 12.04 LTS, Kubuntu 12.04 LTS, Scientific Linux 6.3
Posts: 97
Rep:
Quote:
Originally Posted by snowpine
If you log into the GUI as the root user account, then every application you launch is automatically launched as root: web browser, office suite, media player, email client, the little clock in the corner of the screen, etc.
Since running non-system tasks as root is unnecessary and dangerous, most distributions prohibit GUI root login in their default security settings.
I'm aware that running non-system tasks as root is unnecessary and dangerous; I just don't get why the developers feel the need to nanny us. My point is that it didn't used to be that way. This is a very hard-to-swallow shift in philosophy for someone coming from a Unix background.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by jk07
I'm aware that running non-system tasks as root is unnecessary and dangerous; I just don't get why the developers feel the need to nanny us. My point is that it didn't used to be that way. This is a very hard-to-swallow shift in philosophy for someone coming from a Unix background.
Largely because Ubuntu is not designed for people comfortable with Unix/Linux it's designed for people who have no interest in computers other than getting tasks done. Other distros sometimes prevent logging into X sessions as root, I'm assuming because there is never a need to yet some people inexplicably do so unless prevented.
If you really want root login to X you can set it up on any distro you want and it won't take long, provided you know what you're doing.
I'm aware that running non-system tasks as root is unnecessary and dangerous; I just don't get why the developers feel the need to nanny us. My point is that it didn't used to be that way. This is a very hard-to-swallow shift in philosophy for someone coming from a Unix background.
"Best practices" in computer security have evolved since UNIX was developed in 1969, in part due to a sharp rise in cyber-crimes which you may have heard mentioned in various media outlets (not to mention the invention of the internet and the explosion in popularity of the personal computer).
Ubuntu is targeted to users who don't appreciate how dangerous and unnecessary it is. Hence the nagging. They come from an OS with a single user history, where much of the software written for it had to be run as administrator in order to work.
Let's dispel the myth of Ubuntu "nannying" its users. Here are some facts about Ubuntu:
You can get unlimited root access by booting to Recovery Mode
You can set a root password with 'sudo passwd root'
You can get a root terminal with 'sudo -i'
You can run any GUI app as root with 'gksu'
None of this is hidden/forbidden knowledge. All of this information is taken directly from the official Ubuntu.com help page on the topic. Please do not spread misinformation about Ubuntu until you have read and understood this page!
No insult taken. What I meant was that with gksu nautilus one can just as easily delete yr system folders like bin, sbin etc if one logged in as root and then running nautilus.
Like pixellany said I also get the feeling that the Ubuntu team are trying to make Ubuntu just work like MSWindows. The reason why I moved to Ubuntu was the freedom of choice Linux offered. With each release of Ubuntu this freedom of choice seems to be diminishing.
Why would anyone want to log into their WM as root? I've seen this mentioned a lot on this site and I just don't get it.
I do it sometimes. Mostly to use a gui file manager to clean up directories with mixed ownerships and permissions. Yah its lazy and a bad habit but vanishingly low on my list of character faults
OTOH not allowing users to just su to run as root in a term window is just laughable. Who exactly do they think they are protecting?
The concept of needing a password to get to the desktop with user permissions but not with root permissions is unique in Linux as far as I know. I certainly hope it is.
Wow thts just bizarre. Treating users like idiots and creating software that makes no sense is, however, a time honored road to success in the software industry.
This statement can be interpreted two ways. I intend no insult to the person who posted the statement. I want to comment on it for the benefit of others who are ignorant of how Linux works and stumble upon this thread.
[...]
The second interpretation is that entering shell commands in a terminal with root privileges is just as dangerous as logging into a GUI as root, and using applications like an internet browser while logged in as root. That is completely false. Believing so would indicate a fundamental ignorance of Linux in particular and computers/internet in general. In such cases, a little research is needed before progressing any further.
Again, no insult to philipgr intended.
Nor do I intend any to you, but you invite scorn with general statements like the ones in that paragraph about the second interpretation, especially your assertion that believing it "would indicate a fundamental ignorance of Linux in particular and computers/internet in general". Since your answer is absurd as stated, it cries out for a defense. Would you care to offer one? Or just try to write it in a new way that isn't absurd?
Your position might be discuss-able if you would express it in a more sensible fashion.
Every "I want to log into X as root" thread seems to turn into a "sudo vs su" thread...
widget, I believe that 'buntu allows passwordless root login in single user mode, because the root account does not have a password...?
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,628
Rep:
Quote:
Originally Posted by caravel
Every "I want to log into X as root" thread seems to turn into a "sudo vs su" thread...
widget, I believe that 'buntu allows passwordless root login in single user mode, because the root account does not have a password...?
I think they do it because they assume the user is an idiot that can't remember both their user name and password at the same time. Or they are just too lazy too impliment it right.
LMDE uses the same sudo policy as Ubuntu and you are asked for your password in single user mode.
Yes I realize this is not a great big improvement and that direct access is pretty much access to the system if one knows how. The point is that direct access only allows those that know how to get in to do so. The vast majority of computer users do not know how. Asking for a password, therefore, is much greater security than just dumping anyone that can hit the recovery mode menu item at a root prompt.
That is just insanity.
I have no promblem with folks that want to log in as root. It is their box and their OS. I have had times, due mainly to idiotic "improvements" that I have made, that the only way I could get to a desktop was as root. Much easier to fix my improvements from there.
I have done it on purpose when there was really no need. Why? Because I could. It also allows me to set up a desktop that is easier for me to use as root. I also use a different wallpaper on that desktop so that if I get into it as root I absolutely know that is where I am. Sometimes I want to edit a number of config files at one time. Easy to do as root.
This has little or nothing to do with sudo or su.
I think that sudo is used as a crutch in most cases. I want to learn more about setting it up for multible users so that users can do things that they may want to do without having full blown administrative rights.
If you install Debian stable you get something like what I want to set up on your first user. For a single user system I think this is kind of a pain and would rather just not have sudo at all and just use su. On a system with more than one user I want sudo on there for all users.
Sudo and su are too different things all together and both great tools. They need to be used as intended.
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233
Rep:
i agree, using the desktop as root is bad, i would use either sudo or su, whichever is more comfortable to you, as for why it's a bad idea? well let's just say compromised units pose a potential threat to everyone on the Internet, so yes I would rather see root login to GUI disabled by default, yes there is a file you can go and edit to turn on the ability to log in as root, but it will never show up in the list, you would have to either pick 'other', or configure the login window to be a type in the user/password (which is probably more secure in the long run as it doesn't reveal the usernames).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.