You are not logged in.

#1 2006-05-22 13:02:36

McQUack
Member
Registered: 2006-03-10
Posts: 10

How to start a window as root in X

Hi everybody,

I managed to install Arch on my old laptop.

Besides some other problems (i might come back here) I'd like to start soem applications/windows (terminal or any other app.) in my DE (icewm) as root when I'm logged in as normal user.

How can I do this?

McQuack

Offline

#2 2006-05-22 13:18:25

pressh
Developer/TU
From: Netherlands
Registered: 2005-08-14
Posts: 1,719

Re: How to start a window as root in X

Why would you want that ?

You can accomplish this for example with sudo, gnomesu, ...

Offline

#3 2006-05-22 13:24:50

Aer
Member
From: Paris
Registered: 2005-12-03
Posts: 45

Re: How to start a window as root in X

Simply launch a virtual term, then su, and start your app wink


The program isn't debugged until the last user is dead.

Offline

#4 2006-05-22 15:40:21

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: How to start a window as root in X

You don't want to do that.  At all.
Most linux users, new and old, will harp on how insecure windows is and how it brings up all these bugs and things.  Well, running apps as root is what got those windows systems where they are.

Please, do whatever you can as a normal user.  Only su/sudo for as small of a time as possible.  If you're editing a file, I highly suggest you use "sudoedit" as it does not maintain an open su session.

Offline

#5 2006-05-23 05:48:33

McQUack
Member
Registered: 2006-03-10
Posts: 10

Re: How to start a window as root in X

Hi all,

thanks for your reply. I wanted to avoid that I always have to login as root at the terminal window if i want to do soemthing like pacman or edit a conf file.

But as you are more expierienced I suppose you're right and I will take a look at the "sudo-thing"

thanks for your advice.

McQuack

Offline

#6 2006-05-23 23:41:43

filoktetes
Member
From: Skien, Norway
Registered: 2003-12-29
Posts: 286

Re: How to start a window as root in X

Well now,
This 'never-do-anything-as-root' ideology is a bit paranoid if you ask me. There are many cases where it's very convenient to be logged in as root.

Windows users aren't getting in trouble because they run programs with Administrator priveleges, they get in trouble because they download obscure binaries from doubtful websites, and then decide to run them with Administrator priveleges. Windows users also use programs that have secret document formats that may contain hidden executable code. Then they use e.g mail programs that may seemlessly run those executables for you, without your knowledge (MS is always service-minded), if they should happen to turn up as an attatchment to some spam.

If you're not administring a big server park for some huge company, root could be a good thing. There are few (not none) security concerns. The biggest concern is that as root, you can mess up your system really badly. Using kdesu, gnomesu, sudo or sudoedit, whatever, will not protect you from your own messing around.

By the way, I actually thougt your question was about starting an X program as root.
You have probably started the X server as your normal user, and in Arch, that means only your normal user will be allowed to open windows, not even root will be allowed. To give root and all other users logged on to your computer (usually only yourself) permission to open windows, type this into a terminal (as your normal user):

$xhost +localhost

And if you have a network at home, you can let all the users on any machine open windows on your machine, like this:

$xhost +

It will probably let anyone on the internet open windows as well, but the programs will be running on their computers.

If your machine has the ip address 192.168.1.2 and the other has 192.168.1.3, then the other can open windows on your machine like this:

DISPLAY=192.168.1.2:0 qiv nice_picture.jpg

I remember a long time ago, in 1993, when the internet was mostly on university unix machines, and no one had to be concerned with security unless they had secrets to hide, I sat and read my mail, and suddenly a picture of Cindy Crawford popped up on my screen. Well, nowdays such things happen all the time if you don't have popup protection.
But what had happened was that some friends of mine studying in another town, had read from the totally open user list on my school's server, and found out exactly which machine I was logged into, and then they started a program on their machine, but let the display be on my machine hundreds of miles away.

Oh, I'm sorry, I'm a bit off topic here, but at least I think I gave an answer to the question asked smile

Offline

#7 2006-05-24 01:11:32

luisrobles
Member
Registered: 2006-03-12
Posts: 34

Re: How to start a window as root in X

If you want login as root over GNOME, in GDM press F10 (or F12?) and type the root password. After that, in some option somewhere activate the option "accept login as root" (or something). I'm in a Windows Machine Right now!! SORRY!!!


COMPAQ V2417LA NOTEBOOK powered by Arch Linux:
AMD Sempron 3000+ | 512MB 333DDR | HD 60GB | 14'' WXGA Wide | DVD+-RW | Logitech MX510 RED.

[ NOKIA N-gage QD ]
[ PALM Tungsten T2 ]

Offline

#8 2006-05-25 01:09:07

sh__
Member
Registered: 2005-07-19
Posts: 271

Re: How to start a window as root in X

filoktetes wrote:

Windows users aren't getting in trouble because they run programs with Administrator priveleges, they get in trouble because they download obscure binaries from doubtful websites, and then decide to run them with Administrator priveleges.

I don't think that's the main reason for security problems in Windows.

The thing is, most programs have bugs. The more complex a program is, the more likely it is to contain bugs. Think of IE, that's a huge pile of... code.

Some of the bugs can be exploited to run arbitrary code on the machine. The problem with Windows is that most of the applications are running with administrator privileges. An exploit can then compromise the whole machine, unlike in Linux where the most complex applications are typically run with ordinary user permissions.

You have probably started the X server as your normal user, and in Arch, that means only your normal user will be allowed to open windows, not even root will be allowed.

Actually this depends on the window manager/desktop environment.

And if you have a network at home, you can let all the users on any machine open windows on your machine, like this:

$xhost +

It will probably let anyone on the internet open windows as well, but the programs will be running on their computers.

This is like tearing a hole of goatse size on your computer.

The problem with this one is that it does not just let anyone "open windows" on your computer, it also allows access to the running display environment. In an X session, the display consists of the screen and also of the input devices such as mouse and keyboard. Allowing anyone to connect to your display means that they can read those resources as well. So anybody could take screencaptures, record your keystrokes etc..

If you need to run X applications remotely, there are safer alternatives like ssh -X.

I remember a long time ago, in 1993, when the internet was mostly on university unix machines, and no one had to be concerned with security unless they had secrets to hide, I sat and read my mail, and suddenly a picture of Cindy Crawford popped up on my screen. Well, nowdays such things happen all the time if you don't have popup protection.

The difference is that the popups are opened by a local application (the browser) and require that the user triggers some action (a visit to a spam site), whereas Cindy popped onto your screen from a remote machine without your interaction.

Offline

#9 2006-05-25 09:12:44

filoktetes
Member
From: Skien, Norway
Registered: 2003-12-29
Posts: 286

Re: How to start a window as root in X

An exploit can then compromise the whole machine, unlike in Linux where the most complex applications are typically run with ordinary user permissions.

Yes, I agree, this is also a big security problem in windows, and I'm not suggesting that Linux users should run their whole system as root.

What I meant was that, if someone needs to run some configuration gui tool or whatever as root, there will probably not be a higher risk for a normal home user to start it from a root shell than from sudo. I know the risk can be higher if someone is activly trying to break into your system, but if you're not a big enteprise with lots of trade secrets, probably no one is trying, and you're safe.

This is like tearing a hole of goatse size on your computer.

Yes I know, I just wanted to tell a tale of the good old days, when we didn't have to lock our doors...I should have warned about doing this while connected to the internet.

My main point is that some people think normal home users should have the same security concerns as a big enteprise. I think that is unpratical and a bit paranoid. If you make regular backups of your valuable data, you can use your linux system in the way that seems most practical to you. There are very little risk that anyone will compromise your system, and if someone does, uneless you have nasty secrets on your hard drive, what harm can they do?

Offline

#10 2006-05-26 07:54:45

clank
Member
Registered: 2005-04-11
Posts: 35

Re: How to start a window as root in X

Additionally, if you're using KDE there's a "run as" option in the run command dialog.  But if you're using iceWM, then sudo will probably be the most convenient method.  If for some reason you're one of those people, you could put the command in a script that disables the access control to X only temporarily.  The program opened by root can still function just fine even if the control list is re-enabled.

By the way, has anyone here even heard of a linux machine getting attacked from a root-browser exploit?  I know I can't think of any.  I've heard of proof-of-concepts, but never any real-world events.  More likely than anything, something meant to run in the background at all times, like say an ssh or ftp server, will be the target.  Who the hell is actually trying to exploit konqueror and epiphany?!  That would be like setting up a device on your roof that's meant to catch meteorite's;  the odds of being able to use it in the real world are between approaching none and none.  Although security through obscurity is not the best course in theory, for all practical purposes (read: home users, not a web server sitting at HP) you're much better off than someone on windows running symantec.


=> Now known as jb

Offline

Board footer

Powered by FluxBB