Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've only been working with Red Hat for a few days, and have had a brief exposure to UNIX some years ago. I was intrugued by Linux, so I obtained Red Hat WS over the weekend. Of course, my head is full of Micrisoft OS knowledge, which I have been working with for quite some time.
My first question is thus:
How can I give a user who is not root full administrative rights? I have noted that each file or folder created has its own set of permissions you can change to allow other users to read/write/execute. What happens if you place a user into the "root" group, for instance?
that's a really not nice first question, it will amke people think that for unknown reasons you want your normal use to have root. this is, of course, A REALLY BAD IDEA AND SHOULD BE AVOIDED.
generally speaking though, the admin group is called "wheel" if it's not "root". adding a user to that group will give them the same rights.
Originally posted by 0perat0r
How can I give a user who is not root full administrative rights?
You definitely DON'T want to do that. Not only because
it's too easy to render your system unusable by accident
but also because if you run everything as a user with
root privileges you'd open the doors wide for exploits
or trojans. Please search the forum for more in-depth
discussions of this topic, it has been asked (and
answered) quite a few times...
Quote:
I have noted that each file or folder created has its own set of permissions you can change to allow other users to read/write/execute. What happens if you place a user into the "root" group, for instance?
Depends on what the permissions actually are ...
If a file, for example, were owned by root:root,
and the permissions are
rwsr-xr-- a user in group root could actually run it.
Cheers,
Tink
P.S.:
/me high-fives Chris:"You soundly beat me to this one!" ;)
Thanks to you both for your quick responses. I understand the dangers of giving users full control, as I do Windows admin as well. This is on a home PC, so I would be the only user with that kind of control. As for the security risks, your comments are noted.
Originally posted by 0perat0r
This is on a home PC, so I would be the only user with that kind of control. As for the security risks, your comments are noted.
Thanks
Well, as soon as there's an internet connection involved
there's no such thing as a HomePC anymore. Always bear
in mind that, even though Linux programs are usually more
robust in this respect than Windows will ever be, there MAY
be an exploit that hasn't been fixed yet, and you may be
running a vulnerable piece of code. You want to minimize
the risks, not only because you may have stored sensitive
data (like banking or credit card details), but also because
you don't want your machine to be the leap-stone for a
bad hacker, or for it to be used in a DDoS attack ...
Thanks again. There is a wealth of material here. I think once I start to understand how the OS is handling its processes, the security vulnerabilities will become clearer. I notice that when I do a netstat command in the shell, that I see not only my connections with other machines, but also OS activity. I am behind a NAT (router), so at least I have one layer of extra security. There is also a built-in firewall in this version of Linux, which can block certain protocols. Firestarter (firewall) appears to be a good first solution for me. With the amount of control available with Linux, however, I can't help thinking that I could probably accomplish most of its functions myself.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.