I use root because I'm hardcore, like Mountain Dew.
I've always been working as root user in Linux installations I've had. I know it's bad, and I should be, like, beat and stuff for it, but I've never really known what groups I should assign a 'user' for myself.
So... I'll be good, for an occasion, and start making different users. What kinds of things do I want to keep in mind with making a user, and what limits does a 'safe' user need?
This is a bit like asking: "Which of my possessions should be in a bank vault vs under the bed?"
Who has physical access to the computer?
What is it used for?
etc.
A "safe user" is one who only has the permissions they need and does NOT have permissions that would cause damage.
Generally speaking the default set of permissions that Linux grants a user are all they will need on a daily basis. As far as a group is concerned all the distros that I've worked with assign a default group, usually either creating a group by the same name as the user or adding them to the users group. In either case the users are always added to any other groups that they might need depending on how the distro is set up. For example some distros also add users to the groups audio, cdburner, etc.
On my newly installed kubuntu by default I am added to the following:
Code:
jslittl@jslittl-laptop:~$ groups jslittl
jslittl : jslittl adm dialout cdrom floppy audio dip video plugdev lpadmin scanner admin
jslittl@jslittl-laptop:~$
Thank you, I didn't realize it was so easy... honestly, I keep expecting everything in any Linux distribution to be ornery and life threatening, with a bad attitude and a craving for my blood.
Only use root if you need to configure system settings or load a service like SAMBA, CUPS, APACHE, FTP, SSH, and others. Do not use root to run GUI or else you will trash your setup. By default in a non-paranoid setup, user permissions are 750 (-rwxrw----).
Windows users do not know any better even though they should create users that are not administrative accounts. In both Windows XP and Windows 2000, I create at least two accounts. One is an administrator and other is a normal user. A Power user can also be created, but this can only be done in the management panel. However, creating users in Windows still will not fix the permission on every file that is set to everyone by default, so Windows is still far, far away from being secure out the box.
Quote:
Originally Posted by xjlittle
...In either case the users are always added to any other groups that they might need depending on how the distro is set up...
Are you sure always? When users are created in Linux, they get a user ID and that is about it. The two utilities to create users are adduser and useradd. The administrator or root has to add the users to the desired groups after or during making users. Use useradd -m <user name> to create a user and set up their home directory. Include -g to add users to desired groups.
Quote:
Originally Posted by AphoxemaG
I root because I'm hardcore, like Mountain Dew
----------------------
You root because you're stupid. Root allows you to screw up your system all by yourself, forget people hacking in.
My Linux box is not connected to either the internet or a network, and I had to wait extra time for it while the guy who built my system found a (then) modern motherboard that did not have an ethernet card built in. It CANNOT be broken into by anyone who isn't physically sitting at the machine, because it is not connected to a network and physically cannot be connected (otherwise, yes, I know that it would only be a question of time). NOTWITHSTANDING ALL THAT, I stay away from root because it only takes one confused command in terminal (think "dd" or the like) or a mis-click of the mouse, to trash the OS in Root.
BTW, you want hard core for a soda? Drink Moxie. Mountain Dew is for the ladies.
Quote:
Originally Posted by Electro
Are you sure always? When users are created in Linux, they get a user ID and that is about it. The two utilities to create users are adduser and useradd...
Technically that is true, but I'm willing to bet that most modern Linux users create new accounts through an interface in their Windows manager, or through some script or utility that is part of their distribution's admin tools. Those tend to add new accounts to a lot of groups by default (as required by that distro).
So the statement might have more accurately read: If you add a new account through your distro's admin utility...
Another perma-root noob reporting in.. I always use root simply because I always perform tasks that require a root login. 99% of the commands I issue need root access, so I really don't see the need to log in as a non-privileged user for that last one percent.
Besides that, I honestly do not care if I trash the whole OS at this point, it takes me five minutes to get slackware 11 up and running, with any backups I need in place. Ah, what would I do without vmware..
Quote:
Originally Posted by odd2k
Another perma-root noob reporting in.. I always use root simply because I always perform tasks that require a root login. 99% of the commands I issue need root access...
That cannot possibly be even close to true. The only way that would be accurate is if all you did was mount and unmount drives, connect to serial devices, and install new iptables rules. You must be doing something else, such as playing music, browsing websites, chatting, editing a website, writing papers, etc, etc.
Running everything as root is no different than how most people run Windows, as Administrator. It has the exact same security problems. The more popular Linux gets, the more exploits are written for it. Since the rapid growth of the LAMP install base, a huge number of exploits have been developed for PHP applications. If Linux on the Desktop ever catches on, you can bet there will be a ton of exploits for that as well. If you're running as root when you get exploited by a bug in Firefox or GAIM, your whole system can be affected.
Also remember, it's not only the damage to your own system, it's mostly about the damage your system causes to others. Historically most exploits were written by hobbyists for "fun" or to prove a point. Usually they didn't do that much damage, but enough to get noticed (such as delete all image files, or all Word documents, etc). Contemporary malware writers do so for profit. They go to great lengths to hide the fact that they've compromised your system as they use it for sending spam, hosting phishing sites, or running automated attack bots that exploit other sites.
There are two very dangerous assumptions being made: a) that you will notice that your box has been compromised and b) that the compromise will only affect you. Both of them are likely to be incorrect. I could throw in a third dangerous assumption as well: c) Linux is more secure than Windows "just because".
Generally speaking the default set of permissions that Linux grants a user are all they will need on a daily basis.
...
On my newly installed kubuntu by default I am added to the following:
Code:
jslittl@jslittl-laptop:~$ groups jslittl
jslittl : jslittl adm dialout cdrom floppy audio dip video plugdev lpadmin scanner admin
jslittl@jslittl-laptop:~$
Even those I'd call way too permissive. With those perms it's probably possible to:
- down the network on other users from a user account using the "dialout" permissions. Think of ppp or other network connections.
- trash any disk left in the floppy drive (boot disk?), if writable by the "floppy" user, as /dev/fd0 and friends are usually writable by group floppy
- various printer naughtiness with lpadmin. Same for scanner, possibly plugdev, depending on what it can access (I've never seen this group so I don't know for sure, but I'd certainly check it out)
- open & close the cd tray, possibly mount/unmount cd filesystems, from the network as user
- write to system files as user (if anything is belonging to adm or admin, which does include some systems). Look at the rc.* files, possibly in /dev, by using dd to write thru adm/admin owned /dev/ devices.
- play sounds out of the console from the network (I learned about this one because I had a user ssh in and play an mp3 of a muppets show to the console before I tightened down the permissions. Cute, but highly annoying.)
- establish unauthorized network connections out, possibly in as well, using the dip permissions
- not sure about "video", but it may be possible to snarf screens in some setups
Many distros add users to such groups to make things easy to get started, especially for new users. Almost all of these are not needed and can be trouble. I'd recommend limiting users to just the "users" account, and possibly any special project/job group they're involved with. For special tasks like mounting and unmounting CD's or making a dial out connection, it's probably better to use something like sudo. It's easier to control exactly who does what, and you get account (logs) of what's going on, too.
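An added example (not part of any post in this thread): a POSIX sh audit for the point made in the post above about default group memberships. It lists a user's groups beyond a baseline and the group-writable entries each one opens up under /dev; the function names and the baseline of `users` plus the user's primary group are assumptions of this example.

```shell
#!/bin/sh
# Added example: show what a user's extra group memberships can write to.
# Function names and the baseline ("users" plus the user's own primary
# group) are assumptions of this example, not taken from any distro tool.

# extra_groups "GROUP LIST" BASELINE...
# Print each group in the list that is not part of the baseline.
extra_groups() {
    list=$1; shift
    for g in $list; do
        expected=no
        for b in "$@"; do
            if [ "$g" = "$b" ]; then expected=yes; fi
        done
        if [ "$expected" = no ]; then echo "$g"; fi
    done
}

# writable_by_group ROOT GROUP
# Print every entry under ROOT owned by GROUP with the group-write bit set.
writable_by_group() {
    find "$1" -group "$2" -perm -g=w 2>/dev/null | sort
}

# audit_user USER [ROOT]
# For each non-baseline group of USER, list what it can write under ROOT
# (default /dev, where the floppy, audio, dialout and video nodes live).
audit_user() {
    root=${2:-/dev}
    for grp in $(extra_groups "$(id -Gn "$1")" users "$(id -gn "$1")"); do
        nodes=$(writable_by_group "$root" "$grp")
        if [ -n "$nodes" ]; then
            printf '%s can write:\n' "$grp"
            printf '%s\n' "$nodes" | sed 's/^/  /'
        else
            printf '%s: nothing group-writable under %s\n' "$grp" "$root"
        fi
    done
}

# Run the audit only when a user name is given, e.g.: sh audit.sh jslittl
if [ "$#" -gt 0 ]; then audit_user "$@"; fi
```

Groups that report nothing group-writable under /dev may still own files elsewhere; pass a second argument such as /etc or /var to check another tree.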
Chort, yes and no. On some machines (i.e. servers) I'd only ever connect as root as I'd only be updating, checking logs, whatever. It's only desktops where non root users rule.
That cannot possibly be even close to true. The only way that would be accurate is if all you did was mount and unmount drives, connect to serial devices, and install new iptables rules. You must be doing something else, such as playing music, browsing websites, chatting, editing a website, writing papers, etc, etc.
Actually, I'm only using this virtual machine for server stuff, trying out installs, building LFS and so on.
Quote:
Originally Posted by chort
Running everything as root is no different than how most people run Windows, as Administrator. It has the exact same security problems. The more popular Linux gets, the more exploits are written for it. Since the rapid growth of the LAMP install base, a huge number of exploits have been developed for PHP applications. If Linux on the Desktop ever catches on, you can bet there will be a ton of exploits for that as well. If you're running as root when you get exploited by a bug in Firefox or GAIM, your whole system can be affected.
I rather see it this way: If an exploit is able to run commands on your system as a non-privileged user, then your system is already as compromised as it will ever be. I'm thinking of root kits and so on. But I suppose it's a good idea to avoid using root unnecessarily, just in case.
Let's get something straight... Windows has two modes of security... 'Insecure', and 'Less Secure'.
Just kidding... maybe...
Right now, I have a user, 'aphoxema' with a 14 character password with letters and numbers, the only groups assigned are 'users', 'cdrom', and 'audio', and whatever Slackware 11 defaults those as. They sounded safe, anyways...
/dev/hdc5 is just a fat32 share I made to push things to Windows if I need it, I did the 'umask=0222' because I knew it would let me actually read the disks, and since they're RO, I figured I shouldn't have much to worry about anyways.
I disabled all of the service options when I installed Slackware, and I only run root now to configure iwconfig, because I have no idea how to make that available to users.
Chort is exactly right; I'm using Linux again because I'm not using things that are strict to Windows right now, so I can do just about everything I normally do in Linux, now. I hope Linux becomes popular, even competing with Apple and Microsoft. I respect open source and liberated software, and I worship Linus Torvalds. I want to know what I can do right, what I can do wrong, how I can be vulnerable, and just what I can do with Linux now that I can do many things I never could before, such as play music and video, use the majority of my hardware, and software has only grown more stable and popular.
I suppose the responsible first step is to know how to avoid l33t h4x and suicide-by-root...
And, apparently Moxieman read my topic instead of my post, and assumed I wasn't 'the ladies'.
"The less a man makes declarative statements, the less apt he is to look foolish in retrospect"
Quote:
Originally Posted by AphoxemaG
And, apparently Moxieman read my topic instead of my post, and assumed I wasn't 'the ladies'.
"The less a man makes declarative statements, the less apt he is to look foolish in retrospect"
---------------------
True, but declarative statements are much more fun. Besides, they build character. Moxie does, too.
Anyway, I think everyone here agrees that being root unnecessarily is not only stupid but dangerous to the owner and to others. I can accept someone taking risks with their own systems, but they have no authority to put the systems of others at risk by unleashing a compromised box onto the internet or a network. If someone wants to spend their time re-installing their own system, fine, but a decent respect for the rights of others demands that root use be minimized.
Believe it or not, there are lawsuits out there for negligent computing -- where I am sued because my computer was compromised and used for an attack on your computer -- and routinely unnecessarily using root on a system connected to a network or the internet is negligent.
Why take the risk when almost all of the distributions out there offer to set up perfectly usable user accounts as part of installation?