[SOLVED] Super user in Terminal and surfing the Web
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If i logged in as a super user in Terminal and I surf the Web pages which contain dangerous scripts, can those scripts be executed as root because of the Terminal which has super user logged in? So if i logged in as a super user in Terminal, is it 100% safe to surf web-pages? Can anything in those pages use super user's privileges which is logged in Terminal?
Click here to see the post LQ members have rated as the most helpful post in this thread.
I don't know what the full level of risk you face is, but at the very least the process uses your user and group ownership, to be able to access files and directories belonging to you. And since the superuser has access to the whole system surfing as root is definitely not safe.
if i logged in as a super user in Terminal, is it 100% safe to surf web-pages?
It's the other way around: root is NOT a generic account for use by human users. You should not be using it to surf the web or whatever day to day stuff you do. Use it for systems administration and only that.
Guys, you got me wrong. I mean Firefox doesn't have root privileges, only Terminal. The Firefox is started from regular user. But at the same time there is a Terminal which currently has root logged in.
If Firefox runs as normal user, any script that will be started from within Firefox will also only run as normal user. So I think there is no risk at all. Please correct me if I am wrong here.
If you log in with root, then it's a problem. Since, you are logged in as a normal user you are fine. Unless you are starting firefox from that root Terminal emulator as "firefox &" then whatever firefox will do, will be done as a root user and that's just shooting yourself in the foot. Atleast, that's what my understanding is.
You know, I saw one guy who is working as a Linux admin always logs in as root and do browing etc. I asked him and he said with normal user you have to keep entering passwords all the time (in GUI mode). He does use the computer for personal use and for learning. I think it's just a security risk and just plain bad Linux practice.
Last edited by PenguinWearsFedora; 09-23-2010 at 01:19 PM.
As evidenced by his lack of respect and discipline and performing unprivileged user tasks as root account user he clearly does not. Period. Also let's not continue this SA discussion here as it is potential hijack material and definitely OT wrt the OPs questions.
In all respect unSpawn, the OP's follow-up post states clearly that he is NOT performing unprivileged user tasks as root. He's simply worried that having a root terminal open at the same time may provide a channel for exploitation. While this shows a bit of uncertainty on his part about the exact nature of the risk, I see no evidence that he doesn't understand the basic risk of root privilege itself. Indeed, the fact that he even asked the question indicates that he does.
Speaking of which, I suppose there's a very remote chance that someone could create an exploit that would emulate the keyboard and attempt to type some malicious command into whatever console windows are open. But I think that's such an unlikely possibility that it isn't worth worrying about.
In all respect unSpawn, the OP's follow-up post states clearly that he is NOT performing unprivileged user tasks as root.
I was addressing PenguinWearsFedora's post. Since it's gotten this far it has become a nice example of how a hijack skews a thread.
Quote:
Originally Posted by David the H.
I suppose there's a very remote chance that someone could create an exploit that would emulate the keyboard and attempt to type some malicious command into whatever console windows are open. But I think that's such an unlikely possibility that it isn't worth worrying about.
If I would create an exploit then I wouldn't try to sense if there's a terminal window open (no matter who owns the process) and try to type in commands. Way too much work when you can have the user pull in a payload by accessing a Flash movie stub or .pdf file.
No mea culpa necessary, I'm not accusing you of hijacking, if anything I should have used a quote to anchor my reply.
As far as taking things serious that kind of goes with the territory. After all this forum is home to several otakus (not derogatory but with positive connotations). Unless the OP shows clear signs of trolling, being part of the TFH crowd or strong stability issues of the pill-popping kind we should take things serious by default in the Linux Security forum.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Super user in Terminal and surfing the Web
I missed the redefinition of the pronoun. You're absolutely right then. Mea culpa.
