LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions
User Name
Password
Linux - Distributions This forum is for Distribution specific questions.
Red Hat, Slackware, Debian, Novell, LFS, Mandriva, Ubuntu, Fedora - the list goes on and on... Note: An (*) indicates there is no official participation from that distribution here at LQ.

Notices


Reply
  Search this Thread
Old 09-16-2009, 05:12 PM   #16
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled

Quote:
Originally Posted by prushik
And also, attacks don't just randomly happen, information doesn't just jump off your computer onto an attacker, and viruses don't just jump on to it. You pc has to either send information to an attack or download a virus to be affected, attackers either use vulnerabilities in valid software or try to trick users into doing it themselves. Either way, by careful use, all attacks are avoidable. I run my windows machines without anti-virus or firewall and have no problems whatsoever.
SANS just released an illuminating report on "The Top Cyber Security Risks". WRT your comment, something of interest may be the HTTP client side exploitation example. It targeted Windows clients, but... lots of Linux users install and use flash, for example. If firefox (or some other client application) is being targeted instead of the OS, there may be a legitimate cause for concern among users across OSes.

Moreover, in the absence of more info, who knows what OP is using his Fedora 11 box for. If he's offering up any services to the wild 'net (wittingly or otherwise), all the more reason to not be taking additional risks by firing up a full on desktop environment as root.

-------

I'd close by saying: I don't think anyone wants to be the boss of OP. (I could be wrong.) What I see on this thread are people trying to discourage a commonly known bad practice.

Last edited by anomie; 09-16-2009 at 05:13 PM.
 
Old 09-16-2009, 05:17 PM   #17
Colonel Schell
LQ Newbie
 
Registered: Jul 2009
Location: Central Ohio
Distribution: Ubuntu, Mint, and Slackware
Posts: 23

Rep: Reputation: 16
There are two more distros worth mentioning which disable root: Linux Mint and MoonOS. Since they are both based on Ubuntu, this comes as no surprise.
 
Old 09-16-2009, 05:21 PM   #18
hasienda
Member
 
Registered: May 2009
Location: Saxony, Germany
Distribution: Debian/GNU Linux
Posts: 37

Rep: Reputation: 18
Quote:
Originally Posted by prushik View Post
Ok, fair enough. But how often does that happen? [...] or spend your time trying to prove me wrong.
Look here
http://www.linuxquestions.org/questi...alware-754677/

and also take the hint about a link between usage/adoption and intensity of attacks. I think it is far off to consider misuse the key to all system security breaches. So called social engineering is definitely a major threat, but exposure is another. With (regular) root login you expose a system a lot more than restricted users do.

You mentioned avoiding attacks being/becoming an essential and expected user skill. Usability rules in these days. That will prevent from asking security questions regularly. And people even should have the right not to take care about security, because much can be done for them without bothering most users.

I often have tell someone, that not only his system is connected to the internet, but the internet is connected to his system. There is nothing like an oneway street with networking, no 100 % safe system, maybe an offline one, powered off inside a cage. :-)
 
Old 09-16-2009, 05:23 PM   #19
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
Quote:
Originally Posted by Colonel Schell View Post
There are two more distros worth mentioning which disable root: Linux Mint and MoonOS. .
Debian also disables root login,
Every good distro disables rootlogin in GUI

Quote:
Since they are both based on Ubuntu, this comes as no surprise
Why ?
 
Old 09-16-2009, 05:25 PM   #20
hasienda
Member
 
Registered: May 2009
Location: Saxony, Germany
Distribution: Debian/GNU Linux
Posts: 37

Rep: Reputation: 18
Question The sense never found yet

Quote:
Originally Posted by repo View Post
And if the software is owned by root....
However, just use your common sence.
Software ... common sense; you must be joking here. Really never encountered this neither at work, nor with my parents, friends, ...
 
Old 09-16-2009, 05:34 PM   #21
Colonel Schell
LQ Newbie
 
Registered: Jul 2009
Location: Central Ohio
Distribution: Ubuntu, Mint, and Slackware
Posts: 23

Rep: Reputation: 16
@ repo: Ubuntu disables root at login, Linux Mint and MoonOS have followed suit, and since you have informed me that Debian does it, too ("...every good distribution disables root in GUI"), perhaps it comes from Debian, since Debian is the base of Ubuntu.

Or perhaps it is because they start up in GUI?
 
Old 09-16-2009, 05:34 PM   #22
LouArnold
Member
 
Registered: Mar 2006
Distribution: Linux Mint 18.1 w/Cinnamon
Posts: 75

Original Poster
Rep: Reputation: 15
Haha, I didn't think my questions would raise so many comments. I do apologize.

I will clarify only one question: F11 means Fedora 11. Sorry I used the shortcut.

I will not respond to other comments about the good or bad of the root account problem. Everyone is entitled to their view. In my case, I am done with Linux if I cannot find another strong stable distro without this behavior. If I worked for NASA I'd still have that opinion.

And so if someone can recommend a stable distro, with an active community, I would welcome hearing your rationale for selecting it. It would be a bonus if releases were only one (or less) each year. I am really tired of surprises. (Am I getting too picky?)

And lastly.....I really need to say this...lighten up!!!.
 
Old 09-16-2009, 05:38 PM   #23
Colonel Schell
LQ Newbie
 
Registered: Jul 2009
Location: Central Ohio
Distribution: Ubuntu, Mint, and Slackware
Posts: 23

Rep: Reputation: 16
I thought it was because I was ill, but perhaps this forum is a bit on edge today.
 
Old 09-16-2009, 05:54 PM   #24
LouArnold
Member
 
Registered: Mar 2006
Distribution: Linux Mint 18.1 w/Cinnamon
Posts: 75

Original Poster
Rep: Reputation: 15
OK, I see where the confusion is. Here is a second clarification: The disabled root login is just the tip of the iceberg. That design concept has wide impact. Try starting and stopping service with the system-config-services GUI. You must NOT be root to do something and then in the process you must give the root password. Screw that. I'm trying to solve problems and I don't have much time to do that. So I want a distro that still uses the traditional approach of many years.

What news of BSD? or is that word taboo here?

Oh, yes, great list of those that have the problem, thanks!

Last edited by LouArnold; 09-16-2009 at 05:56 PM.
 
Old 09-16-2009, 05:57 PM   #25
MBybee
Member
 
Registered: Jan 2009
Location: wherever I can make a living
Distribution: OpenBSD / Debian / Ubuntu / Win7 / OpenVMS
Posts: 440

Rep: Reputation: 57
Quote:
Originally Posted by LouArnold View Post
Haha, I didn't think my questions would raise so many comments. I do apologize.

I will clarify only one question: F11 means Fedora 11. Sorry I used the shortcut.

I will not respond to other comments about the good or bad of the root account problem. Everyone is entitled to their view. In my case, I am done with Linux if I cannot find another strong stable distro without this behavior. If I worked for NASA I'd still have that opinion.

And so if someone can recommend a stable distro, with an active community, I would welcome hearing your rationale for selecting it. It would be a bonus if releases were only one (or less) each year. I am really tired of surprises. (Am I getting too picky?)

And lastly.....I really need to say this...lighten up!!!.
I'd recommend FreeBSD (though it isn't Linux), CentOS, SuSE, Debian or simply enabling the root user (just look for "enable root user on $distro" on the search engine of your choice). I don't recall having to enable the root user on my Debian Lenny system - in fact I do believe it asked me to set the password during the install.

I am also surprised and disappointed at the response to this question. It's a simple enough question, and certainly doesn't deserve 2 pages of flamewars as a response.
 
Old 09-16-2009, 06:15 PM   #26
LouArnold
Member
 
Registered: Mar 2006
Distribution: Linux Mint 18.1 w/Cinnamon
Posts: 75

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by MBybee View Post
I'd recommend FreeBSD (though it isn't Linux), CentOS, SuSE, Debian or simply enabling the root user (just look for "enable root user on $distro" on the search engine of your choice). I don't recall having to enable the root user on my Debian Lenny system - in fact I do believe it asked me to set the password during the install.

I am also surprised and disappointed at the response to this question. It's a simple enough question, and certainly doesn't deserve 2 pages of flamewars as a response.
I'll have to check the Debian varieties; some comments say it has the problem and some say it doesn't. But thanks for the rest of the list.

As for the replies from others; this appears to be a hot topic for more than just me. Rest assured that I am not hurt in any way, and I thank you for your concern.

So..here's the list of the distros with the root account ...err...thing, so far:
Debian
Fedora (at least 10 and 11...see, no "F".)
Ubuntu (Debian based)
Linux Mint
MoonOS

Any others?

CentOS..interesting. I recall that its has good documentation and an active community. I will check that.

Last edited by LouArnold; 09-16-2009 at 06:18 PM.
 
Old 09-16-2009, 06:50 PM   #27
prushik
Member
 
Registered: Mar 2009
Location: Pennsylvania
Distribution: gentoo
Posts: 372

Rep: Reputation: 29
Quote:
Originally Posted by hasienda View Post
zero
Of course he can. Never said that.
1st
I am root. ;-) Never needed a (direct, graphical) root login to get anything done before in Linux.
2nd
Thanks for quoting. Do you know, how to include the author of the quoted text? Use it, please.
3rd
I feel like being hitten quite hard by you. Why? I think I've not been that harsh. I fact I repeatedly asked him, LouArnold, what exactly is the problem with not working as root in his case. Still don't see much clearer by now.
1. Neither have I, I just don't like being restricted. Typing sudo all the time can be a pain, even though its only 4 letters (plus a space).

2. Yes. And I did 3/5 times.

3. Apologies. I just disagree with most people on this topic, so I go a little overboard. And because he asked a question and instead of answering you questioned his motives, which offends me. He asked a question not so you would understand what hes doing, but so that you might help him. I am just saying all this so you might understand my response, I do apologize for being harsh.

Quote:
Originally Posted by hasienda View Post
Because a warning would be just a warning, nothing to complain about like an impossible action. He would actually be able to login, or at least get it working with one or a few configuration changes to circumvent root account protection for X logins, as was pointed out by others too.
A warning is a warning, agreed, nothing to complain about. I do not oppose warnings. I oppose messages that say "disabled".

Quote:
Originally Posted by hasienda View Post
Matter of taste. Obviously you're not a sysadmin for 100+ people running mission critical applications. I'm less focussed on strict off-network home use. Much more often, if not regularly, computers really should limit people and stop them from doing evil to others and themselves. This is a feature. Total freedom is only for few people who know and obey strict rules without enforcement. My point of view. Discuss, please, don't flame. :-)
True, you are correct in assuming I'm not a sysadmin, all my computers are single user. I think regular user accounts should be limited, and the root account should be password protected (that should also be up to the computer owner), but not disabled. Those are features.

Quote:
Originally Posted by hasienda View Post
And again my big question: what for? Office work, browser, gaming, huh? Tell me why do you actually need to be root in Gnome/KDE, having ssh-askpass and friends at hand.
Your big question does not help answer the original poster's question. and the answer to your question does not help answer the original poster's question. That is why I was harsh.
 
Old 09-16-2009, 08:34 PM   #28
MBybee
Member
 
Registered: Jan 2009
Location: wherever I can make a living
Distribution: OpenBSD / Debian / Ubuntu / Win7 / OpenVMS
Posts: 440

Rep: Reputation: 57
Quote:
Originally Posted by LouArnold View Post
I'll have to check the Debian varieties; some comments say it has the problem and some say it doesn't. But thanks for the rest of the list.
From my Debian box, just to clear up any doubt:

user@host:~/Download$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 5.0.3 (lenny)
Release: 5.0.3
Codename: lenny
user@host:~/Download$ su - root
Password:
host:~#

Root is fully enabled, though I do have it locked to console only - no remote logins.
 
Old 09-17-2009, 01:42 AM   #29
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
Quote:
Originally Posted by MBybee View Post
From my Debian box, just to clear up any doubt:

user@host:~/Download$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 5.0.3 (lenny)
Release: 5.0.3
Codename: lenny
user@host:~/Download$ su - root
Password:
host:~#

Root is fully enabled, though I do have it locked to console only - no remote logins.
As I understand it, The OP is talking about logging in as root in the GUI, not CLI
 
Old 09-17-2009, 11:19 AM   #30
LouArnold
Member
 
Registered: Mar 2006
Distribution: Linux Mint 18.1 w/Cinnamon
Posts: 75

Original Poster
Rep: Reputation: 15
Just as an update:
I'll be trying CentOS V5.3. Here is some text from the centos.org web page. Let's hope their claims are real.

"CentOS is an Enterprise Linux distribution based on the freely available sources from Red Hat Enterprise Linux. Each CentOS version is supported for 7 years (by means of security updates). A new CentOS version is released every 2 years and each CentOS version is periodically updated (roughly every 6 months) to support newer hardware. This results in a secure, low-maintenance, reliable, predictable and reproducible Linux environment."

Regards,
Lou.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Root Account Disabled (not smart) Can not root LOGIN mitchellray Slackware 12 06-30-2009 12:52 PM
The system administrator has disabled your account? Mate de Vita Linux - Newbie 3 08-30-2008 01:35 PM
Why is my common account can't open Terminal in XFCE4 but root account? notsay Slackware 4 08-18-2007 11:29 PM
is it legitimate and allowed and can be done to make another user account set uid and gid to null 0 to make another root account with different name and possibly not damage the debian system creating and using that new account BenJoBoy Linux - Newbie 12 01-29-2006 10:02 AM
URGENT (server down) : All account disabled ! (and also root) jmcollin92 Mandriva 2 01-10-2006 03:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions

All times are GMT -5. The time now is 04:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration