EDIT:


Some things I need to make clear on:

I never MADE, nor promoted any tuturials. I linked one which I was working from as something paramount to questions which I was seeking clarification on.

My INTENT was simply to clarify certain questions which I had, and to challenge those who give answers like "don't touch it, stupid noob" to be more rational i their answers, or at least show that they really know why something is or isn't dangerous. Practicality and freedom are, inexorably, that which get traded for security.

I did NOT post with any political agenda, as some have accused me. There are some who would accuse me of attacking the rights of the forum owner to set his own rules - LOL! All I have to say is whether it's wrong or right, foolish or wise, to excercise such rights in some certain ways in a medium which is inexorably controlled by the democratic process, no matter who owns it, and I'm interested in the opinions of others who use such forums.

THIS HAS NOTHING TO DO WITH ANYTHING ILLEGAL - Its' so that I can actually use effectively the system which I own.

If I were to post my original forum again from start, it would have gone more like this:

I had trouble viewing non-system partitions on my drive through nautilus, and gksudo nautilus has never displayed links to these other partitions without me browsing them through nautilus first. That sounds strange, maybe dumb, but that's what I was getting, and for some reason I just wasn't able to get any response at all when I clicked the icons which Nautilus displayed. gksudo, or sudo nautilus do not display as quite the same browser guis, and some of the icons and buttons displayed in nautilus are either nonexistent or they yield errors (the Computer button is an example of the latter).

The only cause which I could consider at the time was my non-root status, and that maybe nautilus (which at least gave some indication that it knows my other partitions exist, in displaying the icons which I can't see in gksudo nautilus) may give the full access which I needed on my own machine if I was able to run that specific gui while logged in as root. I run Jaunty,

The solution which I tried was not my own idea, and it's nothing I or most (so it seems) would recommend. I cannot post links here, and wouldn't want the apearance of promoting it here anyway, but what I did was simply change the AllowRoot=False line in my gdm.conf file to AllowRoot=True. This fix would implicitly allow the root to login after a reboot. Well, I don't know if this ever did cause me to run a root session, but when, after saving the change and rebooting, I was able to view, but not write to those partitions in question through nautilus, and after opening them for viewing, I could get full access to them through gknautilus (which previously didn't even indicate they existed) - this is why I thought at first that the change must have worked, and I had logged in as user.

Well, there's something else. At some point a few months ago, I decide that I didn't like logging in to my home PC, so I took the option to make the process automatic. Now I have my AllowRoot variable set to true, and I wonder if that could possibly have allowed my root user to log in at system startup without any input from me, or even my seeing it, and then if it failed to do so then I wouldn't have known that either. So, I suppose I should disable the automatic login, if I can dig up how to do that. Still, my nautilus access, which changed after I changed one variable from false to true, and did not change back after I reset that variable back to false. Also, I had to use sudo to save changes while I thought that I was in root mode. So, maybe root access has nothing to do with the failure of nautilus to display or provide access to certain media.

In summary, my two questions are

1. Is AllowRoot=True in the gdm.conf file effective in Jaunty?
and
2. If it isn't root access, or lack of it which caused my partition access problems (they are ext3), then what else may cause this?

I would much appreciate some clues here on what really makes the root login so dangersous, and what makes sudo (a certain sort of password known by everyone) so much safer. Also, if you know of other factors than security clearance which affect the performance of nautilus - please help if you can!

Thanks for your consideration of this issue, and any which it can raise.[/QUOTE]


END OF EDIT


When I logged onto this site just now, at the top of the main page displayed the message "Welcome to Linux Questions - a friendly and active community", and that is what I hope to be true, because there is something decidedly UNfriendly about the policies at the official Ubuntu forum. Without any warning whatsoever, a mod there slapped me with an "infraction" for posting a certain how-to which was paramount to the questions I was asking in that post, which I believed to be more than valid. It told me two things about such people who moderate the Ubuntu official forum, and may be Ubuntu developers as well:

1. they have a policy of repressing certain information on the workings of their system, and

2. there are some questions which they will deal with in this way so that they won't have to answer them.

My questions for the community of this forum, and for the moderators here are:

1. Is it your policy to repress certain technical how-tos which do not necessarily cover any illegal, or perceivedly unethical activity, or do you leave it for the users on this forum to decide what to do with the information disseminated here?

and

2. Do you believe that my questions below, testy as they may be in tone, are valid questions deserving an answer?

I don't want to raise any hackles here, so I removed the link to that controversial how-to from the text of my original post below:


Thanks for your consideration of this issue, and any which it can raise.

If what you say is true then I don't agree with that rule, but rules are rules. Have you read the rules here?

http://www.linuxquestions.org/questi...debian-745036/

@ Dgeeez

Welcome to LQ

You may find that the link I posted here addresses (to some degree) the sentiment you will typically get, if you were to post a thread about a similar topic here at LQ. I think I can safely say, you would not have received an infraction from LQ for posting a tutorial about logging in as root.

That said, it's a good idea when making such a post or tutorial, to include the appropriate "dire warning" about the possible consequences of doing so, so that the reader will understand how easy it is to bork his/her system by making a wrong move as root. Of course, the same applies with ANY distro, not just Ubuntu.

Also, as per the LQ Rules, posting anything illegal is of course prohibited.

Enjoy LQ, and if you have any further comment or questions about LQ, feel free to inquire.

Cheers!
Sasha

Although running a system as root isn't illegal or unethical, it is extremely stupid (I say this with 14+ years of Linux use and almost 30 years of a computer background). As such, giving advice on how to accomplish it is not something that should be encouraged. Do I think your post deserved an infraction point? Not really because as you said, you are not encouraging the use of the information, just pointing out something that describes your question. I would think a warning would suffice, but then again, 1 point may be simply what the moderators consider to be a warning.

Now, to answer your question. By using sudo, you are only running as root those actions that explicitly require root level permissions to run, and after they are done, you go back to being a normal user. Everything else, you are running with user level permissions. If there is a bug in any of the software that you run, the potential is there for the program to fail into a system shell with the permissions of the user it is running at. If you run something as root, then a bug gives the potential to overwrite anything on the system, stop/start other apps or services as root, etc. If exploited by a cracker, then they are now able to make any program on your system be replaced with one of their own. If you run as a normal user, you are limiting what can be overwritten to things that you own, typically limited to things in your home directory. The less things that you run as root, the less possibility there is for a software bug to be exploited to gain root level access.

I hope that answers your question.

Forrest

Ubuntu does seem to be on an evangelical mission with regard to the root account, but I am really surprised that they would be so controlling in their forums....did you send them soem kind of (polite) communication asking why they have this policy?

As already stated, check the rules for yourself, but I think you will find that we allow anything that is legal and not offensive in some way.

..actually, I've heard of this happening several times (at least) before. Ubuntu just doesn't care to have the "sudo" thing changed (or any info given out to the contrary). To each their own, I guess. Sorry to hear about what happened to you,...

On the same note,..Puppy Linux runs as root,..but they really don't care if someone posts about a "howto" to do otherwise. Each distro has their own policies.

I would never have guessed that there would be a rule about *possibly* bad advice. I didn't see anything in http://www.linuxquestions.org/linux/rules.html that prohibits what you did. Are there specific forum rules written down for each forum that I'm missing? Just want to know before I get warned about bad advice I give occasionally... unintentionally.

We have many postings here about how to log in as root and how to use single to reset the root password. As long as you aren't overtly discussing cracking/black hat techniques (and everything is on a case by case basis) you are fairly ok.

And for those of you who say there are no thought police here, what am I, chopped liver? Retraining Camps for all of you!

I've never been accused of "giving bad advice" when I told someone how to enable the root account on Ubuntu.

Here at LQ, I'm not sure I can recall anyone getting disciplined for giving bad advice. (harassed, yes, but not disciplined.....) What is most common is that someone jumps on an obvious mistake, so that the OP doesn't stay on the wrong track for very long.

I suppose that if someone started posting consistently wrong or ill-advised solutions, they might get some input from the management.

So then, if I think that I am running in root, and the command which I try to run gets held up by a root priveleges issue, then does it necessarily mean that I am not running root? You see, I was under the impression that the AllowRoot=True (modidfied from false in gdm.conf would change my default login, although a harder look at that idea would make the system design as stupid than the user if that was possible. I had my system set to log in automatically, feeling safe in my own home where I wish to live free of hassles, yadaya. What I was trying to accomplish was to fix a nautilus-related problem which may or may not have had anything to do with security status. If I could redo the original post, it would be like this:

If you login as root you have absolutely full access to the whole system and any screwups can either trash your system or leave you vulnerable. Using sudo means that you have to so it as your user so you can restrict access to commands and if anything does go wrong you can trace who screwed up - being root means you only know that root did it.

Thanks!

Here is the official Ubuntu forum policy about logging in as root:
http://ubuntuforums.org/showthread.php?t=716201
Enabling the root account in Ubuntu is not recommended:
https://help.ubuntu.com/community/RootSudo
DGeeez,
You are not the only one to receive an infraction from the Ubuntu forum police about a root tutorial. I have seen other well meaning people chastised in the Ubuntu forums for telling someone how to enable the root account. I don't agree with this either; and I suspect that many people in the Ubuntu forums would agree that this is uncalled for. (Notice how the thread on the root policy that I linked to was closed after 2 of the moderators posted to it; and no one else was permitted to post there).
Although the root account is not recommended in Ubuntu, everyone can run their system any way they want. As long as you include the usual caveats about logging in as root, I don't think you should receive an infraction for posting a tutorial about the root account.

My emphasis.

This is the pertinent bit - in any forum, the admins/mods can make whatever rules they like and anyone who signs up implicitly agrees to follow those rules. I would imagine that it is set up this way so that the forums can adhere to/parallel Ubuntu's policies. Some forums are more restrictive than others, but them's the breaks I'm afraid.