LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-05-2005, 03:47 PM   #1
Biased turkey
Member
 
Registered: Jan 2002
Location: Canada
Distribution: redhat7.2
Posts: 169

Rep: Reputation: 30
gdm, cannot login as root. Why


By default root cannot login in gdm ( Gnome display manager ) . The same is true with kdm.
I know how to change that so root can login.
Allowing root to login with gdm is a "security" option.
Why is it unsecure to log in as root in gdm ?
Just curious.
tia for any information.
 
Old 08-05-2005, 05:30 PM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128Reputation: 128
Logging in as root is a bad idea (tm) because it increases the risk of problems with the computer due to accidental deletion, buggy software, and all those sort of things. And yes, on the off chance you get one of the about a half-dozen linux viruses, it could wreck the whole system.

If you need to do system administration, use su. Or sudo. Or gksu. Or some similar task. No reason to check your email as root.
 
Old 08-10-2005, 03:03 AM   #3
Ephracis
Senior Member
 
Registered: Sep 2004
Location: Sweden
Distribution: Ubuntu, Debian
Posts: 1,109

Rep: Reputation: 50
Oh my God! Never do X as root. This is why most distros that allow this will show a big, annoying, red background when you are logged in as root in X. Ubuntu will not even let you login as root ever! That is good security, IMO. IIRC Windows will force you to make at least ONE other administrating account besides the "Administrator", that is bad security.
 
Old 08-10-2005, 03:14 AM   #4
SlackerLX
Senior Member
 
Registered: Dec 2004
Location: Herzliyya, Israel
Distribution: SuSE 10.1; Testing Distros
Posts: 1,832

Rep: Reputation: 47
Did they frighten you? Do not mind these guys, they are not bad, they just want you to avoid troubles.
If anyway you want to login as root in X
Call the console
#su
[type root pass]
#gdmsetup
Configure gdm and allow it to login as root

Again, these guys are right, Not recommended
 
Old 08-10-2005, 08:47 AM   #5
yapp
Member
 
Registered: Apr 2003
Location: Netherlands
Distribution: SuSE (before: Gentoo, Slackware)
Posts: 613

Rep: Reputation: 30
By using a root account for your desktop, you reduce the security of your linux box to the level of Windows 95. The root account is allowed to do virtually everything with the system. It has no limitations.

If a program (like your webbrowser) gets hit by a 'virus' or 'exploit', that virus has the same power you have: to do everything. The reverse is also true off course. A normal user account severely limits the abilities of a virus.

Last edited by yapp; 08-10-2005 at 08:49 AM.
 
Old 08-10-2005, 01:43 PM   #6
Ephracis
Senior Member
 
Registered: Sep 2004
Location: Sweden
Distribution: Ubuntu, Debian
Posts: 1,109

Rep: Reputation: 50
Quote:
Originally posted by yapp
By using a root account for your desktop, you reduce the security of your linux box to the level of Windows 95.
Almost all Windows XP boxen runs as Administrator by default. So the Windows 95 is not correct, just "Windows" would do.
 
Old 08-10-2005, 01:52 PM   #7
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128Reputation: 128
And it's not quite that bad... but the point is taken. Of course, the most important thing on a computer is your data, which is still vulnerable even as a user.
 
Old 08-10-2005, 02:07 PM   #8
IsaacKuo
Senior Member
 
Registered: Apr 2004
Location: Baton Rouge, Louisiana, USA
Distribution: Debian Stable
Posts: 2,546
Blog Entries: 8

Rep: Reputation: 465Reputation: 465Reputation: 465Reputation: 465Reputation: 465
In my experience, the main problem with running a graphical environment as root isn't security from viruses, but security from your own software.

Complex graphical software does more stuff "behind the scenes" than you can wrap your mind around. Stuff like GNOME, KDE, Konqueror, Nautilus, or Firefox access oodles of configuration files and settings, and it's really easy to accidentally mess something up which breaks the software for ALL users (not just root). Part of the reason is that this software is assumed to be run NOT as root, so it isn't tested as root much (if at all).

In contrast, when you login as root on a text console, you tend to run much simpler software with a more obviously limited scope. When you use "cd, cp, and mv" to move and copy files, the shell isn't going to mess with any files that you don't explicitely specify. When you navigate around in Konqueror, there are a bunch of temporary files and thumbnail files and .desktop files and .directory files and such which are accessed automatically.
 
Old 08-10-2005, 02:30 PM   #9
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128Reputation: 128
Quite a valid point, IsaacKuo. One that is often overlooked.
 
Old 08-11-2005, 01:50 AM   #10
SlackerLX
Senior Member
 
Registered: Dec 2004
Location: Herzliyya, Israel
Distribution: SuSE 10.1; Testing Distros
Posts: 1,832

Rep: Reputation: 47
So, summing all that has been said the community recommends you not to enter root mode unless for SOME setups and emergencies.
 
Old 09-29-2009, 04:03 PM   #11
Ferama
LQ Newbie
 
Registered: Sep 2009
Location: Indian Harbour Beach, FL
Distribution: Ubuntu
Posts: 1

Rep: Reputation: 0
Quote:
Originally Posted by SlackerLX View Post
Did they frighten you? Do not mind these guys, they are not bad, they just want you to avoid troubles.
If anyway you want to login as root in X
Call the console
#su
[type root pass]
#gdmsetup
Configure gdm and allow it to login as root

Again, these guys are right, Not recommended
Thank you immensely! I needed this and used it for a few minutes and then revoked the root user login.
I totally agree with everyone though and this should only be done "carefully" and under certain circumstances.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to run a Script as root, after Login as User, in GDM MHOOO Red Hat 14 03-08-2005 08:41 AM
gdm login help moschi Linux - Newbie 2 07-03-2004 12:30 PM
root cannot login through gdm bahadur Linux - Networking 3 06-12-2004 03:56 PM
root cannot login through gdm bahadur Linux - Security 1 06-10-2004 01:31 AM
X login using GDM koyi Slackware 2 07-24-2003 11:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration