Is root really that bad?
What are the real dangers of logging in as root? I realize there is the risk of deleting files that are important, but is it that easy to do? The user would still have to click on the file and press delete, right? Or is it even easier than that?
Are there things that can happen to the system that you wouldn't notice while you're logged in as root? For example, I saw a post on this board once where someone said logging in as root all the time could corrupt your modules, and you would then need to fix them. Would this happen by user error (ie: the user directly corrupting the modules), or from system error? I guess all I'm wondering is, is logging in as root all the time really such a bad thing to do? |
The point is there should be no need to. You should be able to set up your system securely so that you can use an everyday account for... everyday things, and then use root to change your setup or install things. Using root constantly is a security risk, and why risk it?
|
I have no problem using another user account instead of root all the time. But I am experimenting a lot with Linux right now, and it gets annoying when I have to type in the root password all the time for installations and configuration changes. Its also a pain when I can't use Konquerer to move files, etc, because there is no way of gaining root access from it. I always have to use the command line.
I'm just learning how to set up priveleges and such, but Windows does seem easier (probably unsecure) in this regard. |
Being root all the time is like walking around in a giant Japanese robot suit all the time. You always gotta be careful where you step, or you might accidentally squish your hello kitty-cat or something.
The point is, it's way more power than you really need for day-to-day activities. Don't get into the giant robot suit unless you need to do some heavy lifting, or blow up some tall buildings. |
to use konqueror as root there are 2 ways
kdesu konqueror #konqueror just open one of those up, leave it open on desktop 4 and now all you need to do is change desktops to do stuff. |
yes it's a bad thing to do. You don't _need_ to be root to do the normal day to day tasks of whatever it is you do so why take the risk?
To put it another way - the old miners who used dynamite to blast away rock faces didn't carry it around with them all day. They only took it out when they needed it. You should treat root priveleges the same way. |
man i sure do type slow today...
More than that, I really want one of those giant robot suits. |
I can understand his point about running as root to first set things up, but I find it easier to just "su -", install a crapload of programs, and then "exit" the su command. Much more secure this way as well.
Mandrake 9.1 doesn't even allow "root" to login from the command line; the first time I rebooted I tried to login and it wouldn't accept my password. I thought I had mistyped my root password during setup and would have to reset it, but I figured out that my normal account worked just fine. According to someone at Mandrake Expert, they don't allow logging in as root (at least not after the first reboot,), claiming things are more secure this way, yet I seem to remember an option to have "No Password" for my root account...yeah, real secure! |
Not only can you mess up your own system, you can accidently run malicious programs that then have root permission. Such programs can can get out to the network / internet and be used by others to run attacks against third-party systems from your system and IP.
|
Quote:
Thanks, I really needed that. As for root, why are you moving root-only stuff in konqueror anyway...? And the general idea is worst case scenario: you _don't_ know what could happen and that's why you don't run root. Not because you know modules could be destroyed (I don't know how they came up wih this one) or because you can accidently delete stuff, etc. Because in this case, we would just alias rm to 'echo' and find solutions for other warnings. But we would not be off the hook - the only way to plan for the unexpected is to limit yourself enough, it just couldn't physically happen. This same idea is applied in other security fiels, such as firewalls (drop ALL, allow Some). |
Quote:
Let us know how it works out for you. :D |
Quote:
Hey, maybe we can even have a contest ...who can run root the longest w/o permanently thrashing their computer... ; ) |
Quote:
That's a great idea!!! |
i run as root all the time, but i don't like to admit it.
i have more than once accidently deleted almost everything on my drive. i tried running as a normal user, but running su all the time was taking up too much time. all i do is install and move and delete files, and constantly mount and unmount drives and partitions. its just a personal use machine though. web browsing is the only thing i do that doesn't require root. i specifically remember one time i was deleting the files in a directory, and accidently hit c then enter right before rm -r *. i have a macro for c this does cd .. ; ls --color -l -s or something similar to that, and i was waiting, wondering why it was taking so long. when i was running as a normal user, i basically would keep going out to the bash prompt, and typing a command, then it would say "you do not have permission", then i would su, password, and run it again. i decided it wasn't doing me any good to try to run as a normal user, since i spent all my time su ing. i spent years in dos with the freedom to delete things by accident, so i guess i'm used to it. i spent 2 years running as root, then 2 weeks trying as a normal user, then i've been root since for 5 years. i spent the past 2 days messing up everything with upx, and i had to restore from backups to get everything to boot again. i messed up win98, windows 2000 and my redhat. i backup often with the expectation that i will need to restore often, and i do. i've tried adding some read only files in my root directory, so if i typed rm -r from there, it would at least stop and ask me, and i would realize my mistake, but i failed in that quest. |
Quote:
CTL-ALT-Fx (F1,F2,F3...) logged as root. Using 'su' is much cleaner than "running as root" all the time. It is a little annoying to learn enough to do it well. It is your computer and "do as thou wilt is the whole of the law". You could always switch user ('su') to a normal user from root. su normaluser mozilla :) Edit: Almost forgot - Ctl-Alt-F7 to return to X. |
All times are GMT -5. The time now is 07:47 AM. |