> > The Linux community's decision to cancel "root" is the dumbest Idea I > have ever experienced. If you have another account with root priveladge > - what is the point. If its hacked the same result. >
I was just looking at the same thing. As I understand, the fake non-root root user is needed as a workaround for an old problem. If you login as root and run "xterm", it will complain about disable/forbidden access to $DISPLAY. this has to do with security fixes in the X11 libraries against unsafe access to environment variables in suid executables. As result of all those/similar fixes, you cannot do a graphical login as root, applications like firefox and google-chrome cannot run if you start them as root, etc. As solution, current linux installers require that you create a fake non-root administrative user (with sudo and other special privileges), just so you can use this account to login into the machine (to enable NIS/LDAP and to create the real users). (as a bonus, documentation got smeared with "sudo this", "sudo that" noise). I do not think this adds much to security, but at least you can login and google. And of course the real root user is still there, it was not "canceled". Besides, alternative root users and alternative names for root is nothing new in the UNIX world, see https://urldefense.proofpoint.com/v2/url?u=https-3A__en.wikipedia.org_wiki_Wheel-5F-28computing-29&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=BKDVbYIeJ3JjTcyH776AZjH4S7cTX0nCx3dPPhiOOsgvsoap5Ow8c6oNZ9Doc4YZ&s=PnJeRPP6pHxJ6QMu1YLijSn0I7aoLUiM2fID8xm8jck&e= -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
