Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
A couple of questions -
1} I created a user account and I'm getting fed up of constant messages saying access is restricted all the time and I just want to know if there's an easy way I can allow access for everything but anything that should be root only asks for a password instead of just saying restricted so I have to start setting permissions etc.
2} If the above is not possible I would just rather login as root all the time and block access to my my XP drive to everyone, including root. How would I do that? I have set it as forbidden but I am still able browse and copy to and from my XP drive.
This is a BAD idea!
Get used to user permissions and inputting passwords as you will severely compromise your Linux box if you run as root all the time. This is partly why Windows sucks so much. It's not just that you might accidentally mess up a system file, it's that when you run as root, every program you start is running with root access as well. So any malicious code in a webpage or malformed code will run on your system with the same priveleges as root.
Potential cyber-suicide.
The closest you'll get is to set up a sudo account (allowing you to perform otherwise sysadmin type tasks as an ordiary user - though you will still have to put your password in.)
Linux doesn't mess about when it comes to security.
The sudo account sounds pretty much like what I'm looking for. I'll get googling for more info.
Does anyone know where I can find more info about sudo?
As it turns out, not so useful. The problem is, I was using the user account I setup when I installed Kanotix to disk and everything was fine. I was installing programs to the home directory and it was becoming very cluttered so I decided to delete the account and start again by creating a new account and this was the start of my problems.
I have read what I can about setting permissions and but nothing seems to work. I eventually got kppp to run but I had to input all my dial-up details again and after faffing around for about an hour I still can't get the modem to start, it says initialising but nothing happens. On top of this I'm getting no sound at all and I'm having loads of other problems. I've added myself to all the groups that should get things working but I'm still getting nowhere.
Can anyone point me to a good knowledge base so I get hardware working as a user because it's becoming a major pain in the arse now.
Right so I started getting the hang of it and got most things working (not modem, though) but somehow, when I thought I deleted my modem folder, I found after booting up I had actually deleted my etc folder!! How is this possible? I thought the whole point of running as a user was to stop you doing stupid, idiotic things like deleting one of the most important directories.
And to make things worse, half an hour before that I wiped out my backup partition to make some room for a /home partition (ok, so I should have copied all my backups to my other drive BEFORE deleting the partition) so I can't even restore the etc directory, I don't know whether to laugh or cry.
Consider this a lesson learned and get out the install disks. This is exactly why running as root and making too much use of sudo is a very bad thing to do...
the only way a normal user could have deleted /etc is if someone hosed up the permissions on it ... as root
one day i was asked by a user to
- to create a user with root acccess
- to change a root username to something else
- The user didn't want to bother with putting his password. i asked him if he wanted to get hacked or if he has been hacked one day and had known about it.
- i said it wouldn't change nothing , you can get the user uid with a simple command. hackers look for uid 0 not root. i didn't bother detailing right access, root privileges and the rest.
root user is for maintenance stuff, configuration and that's it.
If you are too tired someday and logged as root you can also enter a simple command such as:
I've re-installed and I'm starting the process of apt-getting what I lost (though it wasn't that much really), with the Kanotix made user account I'm getting the hang of it again and am only using root when I need to.
There's still a couple of problems though -
Firstly, I still can't get any sound when using the user account.
Secondly, after re-installing my modem driver and setting up Guarddog I could connect to the internet fine using the user account but now when I started up the computer I can't get it to connect - kppp is saying unable to open modem and I can't find a way to get it to start up.
1. The user is in the audio group
2. There is already a startup script for the modem
Thanks for the suggestions though.
I've just tried rebooting and logged in as root and sound internet connection were working normally, I then rebooted again and logged in as user and no sound, no connection.
for your connection check if it is already activated at boot, not when a user is logged in. If root can surf the web why wouldn't a regular user not be able to do so.
- alt+FX to go to a console.
- login.
- ping google.ca
- check if kppp isn't launch when the gui start. it would be unecessary since there is an init script for that...
Well that got my sound working... until next time I logged in, then no sound again.
I also noticed something else, I messed around with the desktop a bit and added some items to the kicker and a couple of applets and after restarting they were gone. Also, I tried running Firefox and Thunderbird and neither would allow me to create profiles, I got a message saying I don't have write access to my own home folder. And I'm still getting nowhere with the modem.
This is driving me potty.
Flippin 'eck. Does everyone really exclusively log in as a user? It just seems so much hassle and every simple thing becomes a huge chore. I'm sure it makes Linux very secure but really.
It's all very well trying to stop anyone else getting access to the computer but I would actually like to access things myself.
I'm starting to think I'm missing something simple here, I logged in as a user in Knoppix, which I have installed on another partition and I'm getting identical problems, the same things aren't working - no sound, no modem, no write access to my home directory but again, everything is working fine as root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.