LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-03-2006, 12:44 PM   #1
WayneS
Member
 
Registered: Sep 2006
Distribution: SuSE 10.1
Posts: 30

Rep: Reputation: 15
Dont login as root?


I read that you shouldnt log in as root unless you need to. Is this true?
 
Old 09-03-2006, 12:46 PM   #2
masonm
Senior Member
 
Registered: Mar 2003
Location: Following the white rabbit
Distribution: Slackware64 14.2 Solus
Posts: 2,264

Rep: Reputation: 51
Yes, it is true. Logging in as root is a serious security risk that is easily avoided. Logging in as a normal user limits access to vital system files thus helping to maintain system integrity.
 
Old 09-03-2006, 09:13 PM   #3
cs-cam
Senior Member
 
Registered: May 2004
Location: Australia
Distribution: Gentoo
Posts: 3,544
Blog Entries: 4

Rep: Reputation: 57
Basic way to put it, Windows has malware etc and the reason it runs so rampant is because the default Windows login is admin-level (root). There are rootkits and other exploits that do effect linux machines, if you're running all your software as root then you leave yourself vulnerable to being infected, just like in Windows.

This is why you should run all your apps as a user and most (good) server apps have an option to run in a chroot jail, otherwise it makes sense to set one up yourself. Other (good also) server apps will start as root, get the init stuff done and drop back to a standard user so as to avoid being an entry point for a malicious user.
 
Old 09-03-2006, 09:47 PM   #4
masonm
Senior Member
 
Registered: Mar 2003
Location: Following the white rabbit
Distribution: Slackware64 14.2 Solus
Posts: 2,264

Rep: Reputation: 51
Not to mention that running as root makes it much easier for you to bork your system.
 
Old 09-04-2006, 05:02 AM   #5
Eckstona
Member
 
Registered: Aug 2006
Location: Michigan, USA
Distribution: Kubuntu AMD64 6.10 Edgy Eft
Posts: 40

Rep: Reputation: 15
Most distros come with a fake root command. It is best to use this. For (k)(x)(ed)ubuntu it is sudo.
 
Old 09-04-2006, 05:12 AM   #6
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
...and using sudo should also be limited to minimum, for the same reasons you shouldn't use root account for doing stuff you don't necessarily need to. For Ubuntu the first user created during setup gets sudo rights for everything (password required), but that's not a perfect idea either..my advice in this matter is that anyone who needs root rights ought to use sudo if possible, and that sudo should be configured so that

1) only certain (as small number as possible) users can access sudo at all and
2) those users only have sudo access to the commands they actually need

That way the risk of somebody misusing root privileges gets a bit smaller..
 
Old 09-04-2006, 07:46 AM   #7
Spudley
Member
 
Registered: Mar 2003
Location: Berkshire, England.
Distribution: SuSE 10.0
Posts: 299

Rep: Reputation: 32
Lets say there's a security flaw in your browser (or indeed any other piece of software you're using), and someone wants to use it to break into your system.

If you're logged in as root, the browser program will also be running as root, and will thus have permissions to do anything to your system - even playing with the most important system files, so someone breaking in through it could potentially really mess up your system, install their own software, delete anything they liked.... whatever.

But if you're logged in as a normal user, any program you run will only have permissions to change stuff in your own local directories, so the hacker will be much more limited in what they can do. Yes, they'd still be able to do some bad stuff, so security holes in software are still a bad thing, but nothing like as bad as it would be if you were running it as root. It's like the difference between having your TV stolen, and having your house burned down.

In short, you should only use the root password when you want to install software, or something like that which requires privileges to access system files. 99% of the time you shouldn't need or care about the root user (unless you spend your whole life installing software).
 
Old 09-04-2006, 08:48 AM   #8
cs-cam
Senior Member
 
Registered: May 2004
Location: Australia
Distribution: Gentoo
Posts: 3,544
Blog Entries: 4

Rep: Reputation: 57
Quote:
Lets say there's a security flaw in your browser (or indeed any other piece of software you're using), and someone wants to use it to break into your system.
And don't say it doesn't happen in linux. This is a very valid point and there was a pretty serious bug a little while ago in Firefox that allowed malicious web sites to execute any command they wanted on your computer.
 
Old 09-04-2006, 09:00 AM   #9
masonm
Senior Member
 
Registered: Mar 2003
Location: Following the white rabbit
Distribution: Slackware64 14.2 Solus
Posts: 2,264

Rep: Reputation: 51
Quote:
Originally Posted by cs-cam
And don't say it doesn't happen in linux. This is a very valid point and there was a pretty serious bug a little while ago in Firefox that allowed malicious web sites to execute any command they wanted on your computer.
Of course it happens in Linux as it can in any OS. That's why we have security patches. This only emphasizes the need for running as a normal user with limited permissions.

It's still far more secure by default than a default Xp installation.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Gnome: Cannot login as default user, sends back to login, works as root Danny-T Linux - Newbie 2 05-27-2006 03:44 AM
Some pages dont work (login and mebers) Kanon LQ Suggestions & Feedback 14 09-14-2004 01:46 PM
I dont like the login screen.... gplacek Linux - General 13 08-18-2004 10:14 PM
can only login as root? user login doesnt work..? anyone? hacking_4_b33r Linux - General 1 02-05-2004 11:40 PM
Commands dont work, even as root king_nothingzzz Linux - General 2 01-22-2004 03:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration