-   Linux - Security (
-   -   Using root permissions with another user (

JWT2 10-01-2005 01:07 AM

Using root permissions with another user

I am using debian sarge with gnome and kdm. I am new to most of the linux topics. I would like to know if I can give full root permission to a ordinary user account? I want a user to have essentially access to all system resources. Gnome/kdm will not allow me to login as root, so this is why I ask the previous question. If there is a way to login to gnome as root this may also work for me?
Thank you.

infinity42 10-01-2005 07:39 AM

Two questions:
a) Why?
b) WHY?!?!

One of the main security advantages of linux is that you don't run everything with access to all system resources. If you need to do something as root just use either su or sudo.

kadhiravan.r 10-01-2005 10:26 AM

u can give whatever permission u have for root to ordinary user.

how ????
for that u have to do some editing in password file.


Capt_Caveman 10-01-2005 10:35 AM

Re: Using root permissions with another user
Gnome/kdm will not allow me to login as root, so this is why I ask the previous question. If there is a way to login to gnome as root this may also work for me?

Check your gdm.conf file and make sure that AllowRoot is set to 1 (by default it's set to 0). To be honest though, it's set that way for a reason. Allowing root X sessions can be a bit dangerous and you really should be logging in as a regular user and then using "su -" to become root temporarily. Granting normal users administrative privileges using sudo and /etc/sudoers is probably a more sane alternative as well. Giving full blown root access to non-root users is a bad idea and modifying /etc/passwd is an exceptionally bad idea as it will bork your logging.

MensaWater 10-03-2005 08:56 AM

You can give full root access simply giving the user a UID of 0 (but make damn sure it is AFTER root itself in /etc/passwd.

However as implied by earlier responses you really should NOT do this!

For any non-root user that has a specific need for some root access you can install and configure sudo to allow just that access.

archtoad6 10-04-2005 08:40 AM

[list=1][*]Don't do that![*]

how ????
for that u have to do some editing in password file.
-- Really don't do that, it's a good way to hose your ability to log in.[*]Do use "su" or "sudo"[*]In KDE there is "Terminal Program - Super User Mode" under "System" in the K Menu. It even has a nice pale yellow background to remind you to be careful.[*]There is also "kdesu" available.[/list=1]

BTW, WTF would you want to do that?

ebusch 10-04-2005 10:53 PM

i ussually dont log into x with root but i did once just to do one ting is tha okay? sorry i know its a newb questoin but im curious. and what would happen if i kept using root like normal?

MensaWater 10-05-2005 09:51 AM

The main issue with logging in as root all the time is just the potential for disaster. Since root has total permissions you can do really horrible things.

Suppose for example you're in /home/myusername which is owned by myusername. Under /home there are also other directories for username1, username2, username3 all owned by their respective usernames.

You decide you want to remove all your dot files (.profile, .bashrc etc...). Not thinking for a moment you type "rm -rf .*".

As user, myusername this would remove everything under /home/myusername (forgot about the "." file that is a reference to the current directory - oops!).

Luckilly it would do no other damange because even though it would try to also erase ".." which is a reference to /home it would fail because you don't have permissions (assuming you didn't give everyone write permissions on the same group to all home directories). However as root it would erase ALL of /home because it has permission.

You are saying to yourself about now "What kind of idiot would do THAT?". The sad answer is almost anyone who has ever worked on Unix/Linux has done or will do something similar at some point. Not running as root all the time protects you from your own brain cramps or unintended actions of simple commands that you haven't thought all the way through.

archtoad6 10-05-2005 10:51 AM

Is that convincing enough?

Here are some similar thoughts from the same source:

I don't think he's any less passionate about this than I am, just more patient, maybe even more eloquent.

ebusch 10-05-2005 05:05 PM

i thought thats what would happen just making sure. thanks guys

archtoad6 10-06-2005 12:19 PM

You're welcome. I just hope the emphatic words didn't come across as too harsh.

ebusch 10-06-2005 08:13 PM

dont worry they didnt. your just making sure that my computer doesnt screw up. :D

All times are GMT -5. The time now is 11:55 AM.