[ale] Running stuff as root == bad, was Re: FC13 question
Richard Bronosky
Richard at Bronosky.com
Sat Jul 31 16:28:29 EDT 2010
While I agree with the sentiments of this message, the subject is just
plain wrong. Running *stuff* as root *is not* bad. Running
*everything* as root *is* bad. That is exactly what happens when you
log into GUI [display manager|window manager|desktop
environment|whatever] (I don't know anything about the X.org stack. I
don't use GUIs) you run *everything* as yourself. You don't want that
_yourself_ to be root. I could have sworn that back when I was doing
MythTV I used xfce or rat poison and I used a utility called Xsudo,
sudoX, or GnomeSudo. That was good for running the occational app as
sudo. I found that MythTV being graphical by nature forced me to do
this.
On 7/30/10, scott mcbrien <smcbrien at gmail.com> wrote:
> One of the big problems with other OS'es is that users log in as an
> account with administrative privileges. On those OS'es, when an
> application, being run by the user, runs amok (perhaps a web browser
> executing badness from flash or java script?), that application runs
> amok with administrative rights. So when the application tries to
> mangle system files, libraries, etc. it can because administrators
> could also modify said files. That's one example of why you don't want
> to log in as root, but there are many more, mostly because desktop
> environments like gnome run many many many processes and helper
> applications each of which, when logged in as root, is given full
> administrative permission to do whatever they want on a system.
>
> -Scott
>
> On Fri, Jul 30, 2010 at 7:05 PM, William Fragakis <william at fragakis.com>
> wrote:
>> Nautilus, for one ;-)
>>
>> GParted can do some interesting things, too, I'd gather but I've never
>> tried (to do "interesting things"). Gedit can make your day exciting as
>> well. Personally, I can easily do as much damage from the CLI if not
>> more.
>>
>> I do find it easy sometimes to actually have a root Desktop although, on
>> this esteemed list, I'm probably in a distinct minority.
>>
>> If something bad happens, I was never here.
>> regards,
>> William
>>
>> On Fri, 2010-07-30 at 18:49 -0400, Drifter wrote:
>>> Thanks, this seems to work.
>>> But you have to admire the warning label that pops up before the GUI
>>> actually appears on the screen:
>>>
>>> "You are currently trying to run as Root super user. The superuser is a
>>> specialized account that is not designed to run a normal user session.
>>> Various programs will not function properly and actions performed under
>>> this account can cause unrecoverable damage to the operating system."
>>>
>>> No hint, of course, as to what sorts of programs can cause the damage.
>>>
>>> Sean
>>>
>>> On Friday, July 30, 2010 06:13:33 pm William Fragakis wrote:
>>> > http://blog.ask4itsolutions.com/2010/04/23/login-as-a-root-from-gui-fed
>>> > ora-13/
>>> >
>>> > Did this a couple of days ago.
>>> >
>>> > Use at your own risk, owner assumes all liabilites, etc. etc.
>>> >
>>> > On Fri, 2010-07-30 at 17:32 -0400, Drifter wrote:
>>> > > There are times when I need to to things as root that are -- for me
>>> > > -- much easier to do using the GUI aps rather than the command line.
>>> > > Years ago on a Red Hat install, root actually had a directory in
>>> > > /home and I could log into the system as root and have the GUI.
>>> > >
>>> > > This FC13 install doesn't provide that feature. I can create, as
>>> > > root, a directory in /home. That's easy enough. But what do I have
>>> > > to do so that I can log in as root directly just as I log into my
>>> > > regular user account? If I try to log in as root now, the system
>>> > > just laughs at me.
>>> > >
>>> > > Clearly I am missing several steps in the process.
>>> > >
>>> > > Sean
>>> > > _______________________________________________
>>> > > Ale mailing list
>>> > > Ale at ale.org
>>> > > http://mail.ale.org/mailman/listinfo/ale
>>> > > See JOBS, ANNOUNCE and SCHOOLS lists at
>>> > > http://mail.ale.org/mailman/listinfo
>>> >
>>> > _______________________________________________
>>> > Ale mailing list
>>> > Ale at ale.org
>>> > http://mail.ale.org/mailman/listinfo/ale
>>> > See JOBS, ANNOUNCE and SCHOOLS lists at
>>> > http://mail.ale.org/mailman/listinfo
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
--
Sent from my mobile device
.!# RichardBronosky #!.
More information about the Ale
mailing list