Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
why no root?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo Chat
View previous topic :: View next topic  
Author Message
scotoma
n00b
n00b


Joined: 07 Jan 2005
Posts: 39

PostPosted: Sat Jan 22, 2005 3:01 am    Post subject: why no root? Reply with quote

can someone help me understand the disadvantage of running as root all of the time? I was told to create an account that is not root to run under for most tasks, but why?

Thanks in advance!
Back to top
View user's profile Send private message
seank
l33t
l33t


Joined: 08 Jul 2004
Posts: 686

PostPosted: Sat Jan 22, 2005 3:07 am    Post subject: Reply with quote

Well, first thing is you could make a mistake in the terminal and totally b0rk your system. Second thing would be that running programs that connect to the internet as root is quite dangerous.
Back to top
View user's profile Send private message
Riftwing
Apprentice
Apprentice


Joined: 06 Oct 2002
Posts: 293

PostPosted: Sat Jan 22, 2005 3:46 am    Post subject: Reply with quote

It possible to exploit programs to have them crash to a prompt. Now if that program happens to being running as root, it will drop them into a root prompt and they will have root access to your computer.
_________________
Good, bad, I'm the guy with the gun. - Ash, Army of Darkness
Back to top
View user's profile Send private message
Pink
Veteran
Veteran


Joined: 24 Jul 2003
Posts: 1062

PostPosted: Sat Jan 22, 2005 6:19 am    Post subject: Reply with quote

It is the fundamental difference between windows and linux (well, a badly configured windows anyway).

Root has access to every file on your hard drive - it can delete them, change them, move them and rename them. Get a 'virus' (I put that in inverted commas as I use the term loosely for descriptive purposes only) and with root access anything can happen - again, look what happens in Windows with a malicious prog: file deletions, renaming, adjusting and so on, a complete system comprimise.

A user only has access to those files that you allow. Usually users have write access (i.e. can change or delete them) only to those he/she created in their home directory. This would be a loss in a comprimised system, but hopefully a backup would have been made and no system damage would have been caused and if the malicious prog was not discovered, nothing serious could occur.

The other thing that linux has is groups. For example those users in a printer group (which can be created if it does not exist) would be able to print things - those not in the group would not. You can have a group for anything you like, such as accessing the internet and so on.

You should never have to log in as root either. I haven't in a couple of years. If I need to do something as 'root' such as install a programme I open a terminal, type in 'su' (for 'super user'), enter my root password and then install the prog (emerge progname) or compile a kernel or whatever. Then exit the terminal when that has finished.

See why having normal users is a safer and more secure way of doing things?

You are also bound to see people who say 'I've been using Linux since 1996 and I've always been root and never had a problem'. Don't listen or be concerned about what they do. I also know people who use windows and have never had a virus and I know people who don't wear seat belts in cars, neither of which I would recommend to anyone.

As you seem to be a newcomer to Linux may I say Welcome :D
_________________
usefuljaja.com - VPS Tutorials
Back to top
View user's profile Send private message
Vann
Guru
Guru


Joined: 04 Aug 2002
Posts: 357

PostPosted: Sat Jan 22, 2005 6:55 am    Post subject: Reply with quote

Other people have mentioned the technical reasons, but there's another, often ignored issue. Using root as your primary login makes you lazy. You're apt to leave file strewn all about the filesystem, or alter things in inappropriate ways and then forget about them. This happens on Windows all the time, where someone's music/videos/whatever are in several locations on the hard drive. If you run as a normal user it forces a very minimal set of 'good behaviors' on you that will probably save you a lot of headache down the road.
Back to top
View user's profile Send private message
lightvhawk0
Guru
Guru


Joined: 07 Nov 2003
Posts: 388

PostPosted: Sat Jan 22, 2005 3:23 pm    Post subject: Reply with quote

Here's why you shouldn't be root all the time, because it causes normal people to do stupid things.
_________________
If God has made us in his image, we have returned him the favor. - Voltaire
Back to top
View user's profile Send private message
/dev/random
l33t
l33t


Joined: 26 Nov 2004
Posts: 704
Location: Austin, Texas, USA

PostPosted: Sat Jan 22, 2005 6:08 pm    Post subject: Reply with quote

PickledOnion wrote:

You should never have to log in as root either. I haven't in a couple of years. If I need to do something as 'root' such as install a programme I open a terminal, type in 'su' (for 'super user'), enter my root password and then install the prog (emerge progname) or compile a kernel or whatever. Then exit the terminal when that has finished.

Ermm su stands for switch user I believe. Try su <some_user_name> and you'll see why i think that.
Back to top
View user's profile Send private message
scotoma
n00b
n00b


Joined: 07 Jan 2005
Posts: 39

PostPosted: Sat Jan 22, 2005 6:17 pm    Post subject: Reply with quote

wow thanks for all the replies! Theres another thing I like about the linux community, they are so willing to teach those that wish to learn. Thanks! I will now actually use my alternate account.
Back to top
View user's profile Send private message
Athas
Guru
Guru


Joined: 04 Sep 2003
Posts: 394
Location: Brøndby, Denmark

PostPosted: Sat Jan 22, 2005 6:40 pm    Post subject: Reply with quote

/dev/random wrote:
Ermm su stands for switch user


I think the correct meaning is substitute user, since it substitutes the effective (not real) userid.
_________________
Emacs-optimized danish console keymap - My .emacs
Climacs - next generation Emacs.
Back to top
View user's profile Send private message
MaxDamage
l33t
l33t


Joined: 03 Jan 2004
Posts: 650
Location: Oviedo, Spain

PostPosted: Sat Jan 22, 2005 11:44 pm    Post subject: Reply with quote

If you don't want to be writing the root password all the day, use sudo. You can make all the users in the wheel group be able to run apps as root. In a home system, is not such a big risk.
_________________
La PDA de tungsteno
Back to top
View user's profile Send private message
Pink
Veteran
Veteran


Joined: 24 Jul 2003
Posts: 1062

PostPosted: Sun Jan 23, 2005 10:22 am    Post subject: Reply with quote

Athas wrote:
/dev/random wrote:
Ermm su stands for switch user


I think the correct meaning is substitute user, since it substitutes the effective (not real) userid.


Cool, learn something everyday :D
_________________
usefuljaja.com - VPS Tutorials
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Sun Jan 23, 2005 10:30 am    Post subject: Reply with quote

On my non-critical home machines, I like to uncomment this line in /etc/pam.d/su
Code:
# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
auth       sufficient   /lib/security/pam_wheel.so use_uid trust

Now you can su without a password. But only when you really need the root privs, of course.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Chat All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum