my 2c
> Subject: Re: Why root is dangerous
>
> It opens up your system to exploits, such as "Trojan horses" and
> other
> "nasty things." When you run as "root" you are running as a
> 'privileged
> user" and thus, I guess, Linus (author of Linux) felt that
> you should know
> what you're doing. There are some files, etc which can ONLY
> be written to by
> "root" and while a user may LOOK at the files, they can't
> EDIT them. For
> example, the file which controls which services will be
> available (sorry, I
> forget what it's called) is NOT user-writeable, however it IS
> root-writeable
> (otherwise, you'd never be able to modify it <G>) If you are
> running as a
> standard user, even if someone managed to "hack" your
> account, there's not a
> heck of a lot that they could do to the system. However, if
> they get the
> root password, or can give you a hostile app and convince you
> to run it,
> they could throw your system wide open.
also root can read and write to any file. root can read your mail, change
all the passwords ... you would not want ordinary users to have these
possibilities. That is why there is an administrator account.
> A friend of mine did this one time -- he visited a website as
> "root" and a
> hostile applet "cracked" his system and he was forced to
> reinstall Linux to
> get rid of it. Basically, I have no experience doing things on-line as
> "root," I have learned from the experience of others and let
> OTHERS bear the
> pain of discovering why you should only log in as "root" to do "Admin"
> stuff.
> Now, I log in as "root" and as "john" every day at work.
> However, I don't do
> anything in the "root" account for the most part. That login is there
> basically so that if something happens, I can shut down the
> system cleanly
> or shut X if it locks up (which it has on occasion.) Having
> an open "root"
> login isn't necessarily a dangerous thing, if your computer
> is physically
> secure from tampering. However, my advice would be that you
> shouldn't have
> an active "root" login if your computer is physically accessible by
> unauthorized personnel.
That is the point. I just can not see why being logged in as root on a
console permanently can be usefull. you want to shut down ? either press
CTRL-ALT-DEL or do "exec su -" to become root WHEN YOU NEED IT. You want
to shut down your X session, press CTRL-ALT-BACKSPACE and it is gone...
When you are logged in as root, all small typos can drive you to a point
where you have to re-install all the system. you can alter the partition
table, erase disks, erase all the filesystem, kill a job doing important
work ...
On my systems, I can not log in as root (am i not on the console, the
server are in a special room), so i need to log in as my user and execute
a su to become administrator. I recommend this to everyone. In the logs
you can see what login user tryed (and succeded) to su root, but if you
log in directly as root, who could tell the user that was on the keyboard
?
> John
pascal
