LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-01-2005, 01:07 AM   #1
JWT2
LQ Newbie
 
Registered: Oct 2005
Posts: 3

Rep: Reputation: 0
Using root permissions with another user


Hi,

I am using debian sarge with gnome and kdm. I am new to most of the linux topics. I would like to know if I can give full root permission to a ordinary user account? I want a user to have essentially access to all system resources. Gnome/kdm will not allow me to login as root, so this is why I ask the previous question. If there is a way to login to gnome as root this may also work for me?
Thank you.
 
Old 10-01-2005, 07:39 AM   #2
infinity42
Member
 
Registered: Apr 2005
Location: England
Distribution: Gentoo
Posts: 142

Rep: Reputation: 16
Two questions:
a) Why?
b) WHY?!?!

One of the main security advantages of linux is that you don't run everything with access to all system resources. If you need to do something as root just use either su or sudo.
 
Old 10-01-2005, 10:26 AM   #3
kadhiravan.r
Member
 
Registered: Nov 2004
Location: india/tamil nadu/chennai
Distribution: Linux 8.0
Posts: 37

Rep: Reputation: 15
u can give whatever permission u have for root to ordinary user.



how ????
for that u have to do some editing in password file.


kadhir.R
 
Old 10-01-2005, 10:35 AM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Re: Using root permissions with another user

Gnome/kdm will not allow me to login as root, so this is why I ask the previous question. If there is a way to login to gnome as root this may also work for me?

Check your gdm.conf file and make sure that AllowRoot is set to 1 (by default it's set to 0). To be honest though, it's set that way for a reason. Allowing root X sessions can be a bit dangerous and you really should be logging in as a regular user and then using "su -" to become root temporarily. Granting normal users administrative privileges using sudo and /etc/sudoers is probably a more sane alternative as well. Giving full blown root access to non-root users is a bad idea and modifying /etc/passwd is an exceptionally bad idea as it will bork your logging.
 
Old 10-03-2005, 08:56 AM   #5
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668
You can give full root access simply giving the user a UID of 0 (but make damn sure it is AFTER root itself in /etc/passwd.

However as implied by earlier responses you really should NOT do this!

For any non-root user that has a specific need for some root access you can install and configure sudo to allow just that access.
 
Old 10-04-2005, 08:40 AM   #6
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234Reputation: 234Reputation: 234
[list=1][*]Don't do that![*]
Quote:
how ????
for that u have to do some editing in password file.
-- Really don't do that, it's a good way to hose your ability to log in.[*]Do use "su" or "sudo"[*]In KDE there is "Terminal Program - Super User Mode" under "System" in the K Menu. It even has a nice pale yellow background to remind you to be careful.[*]There is also "kdesu" available.[/list=1]

BTW, WTF would you want to do that?
 
Old 10-04-2005, 10:53 PM   #7
ebusch
LQ Newbie
 
Registered: Sep 2005
Distribution: Mepis, have used others
Posts: 11

Rep: Reputation: 0
yo

i ussually dont log into x with root but i did once just to do one ting is tha okay? sorry i know its a newb questoin but im curious. and what would happen if i kept using root like normal?
 
Old 10-05-2005, 09:51 AM   #8
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668
The main issue with logging in as root all the time is just the potential for disaster. Since root has total permissions you can do really horrible things.

Suppose for example you're in /home/myusername which is owned by myusername. Under /home there are also other directories for username1, username2, username3 all owned by their respective usernames.

You decide you want to remove all your dot files (.profile, .bashrc etc...). Not thinking for a moment you type "rm -rf .*".

As user, myusername this would remove everything under /home/myusername (forgot about the "." file that is a reference to the current directory - oops!).

Luckilly it would do no other damange because even though it would try to also erase ".." which is a reference to /home it would fail because you don't have permissions (assuming you didn't give everyone write permissions on the same group to all home directories). However as root it would erase ALL of /home because it has permission.

You are saying to yourself about now "What kind of idiot would do THAT?". The sad answer is almost anyone who has ever worked on Unix/Linux has done or will do something similar at some point. Not running as root all the time protects you from your own brain cramps or unintended actions of simple commands that you haven't thought all the way through.

Last edited by MensaWater; 10-05-2005 at 11:01 AM.
 
Old 10-05-2005, 10:51 AM   #9
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234Reputation: 234Reputation: 234
Is that convincing enough?

Here are some similar thoughts from the same source: http://www.linuxquestions.org/questi...63#post1852463

I don't think he's any less passionate about this than I am, just more patient, maybe even more eloquent.
 
Old 10-05-2005, 05:05 PM   #10
ebusch
LQ Newbie
 
Registered: Sep 2005
Distribution: Mepis, have used others
Posts: 11

Rep: Reputation: 0
i thought thats what would happen just making sure. thanks guys
 
Old 10-06-2005, 12:19 PM   #11
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234Reputation: 234Reputation: 234
You're welcome. I just hope the emphatic words didn't come across as too harsh.
 
Old 10-06-2005, 08:13 PM   #12
ebusch
LQ Newbie
 
Registered: Sep 2005
Distribution: Mepis, have used others
Posts: 11

Rep: Reputation: 0
dont worry they didnt. your just making sure that my computer doesnt screw up.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Root permissions for a user Neutron1998 Linux - Newbie 1 09-30-2004 05:28 PM
Change my user to root permissions metalaid Linux - Newbie 5 01-19-2004 09:17 PM
root vs. user file permissions learning2fly Slackware 4 07-17-2003 01:06 PM
User Permissions?Root? bongski55 Slackware 7 06-17-2003 07:13 AM
Giving a user all root permissions ranixlb Linux - Security 9 05-15-2002 01:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration