You are not logged in.
Pages: 1
Topic closed
i know it is considered very bad to log to the desktop environment as root. instead it is recommended to single applications as root with su or to work as root n the console
i do login as root when i am up to manage the computer. it is simply another work experience when you can freely work on the desktop with write access to everything. instead of su'ing all the time or running the apps with & from root console window you can actually do your management efficiently
what i dont understand is why it is considered bad
what leads me are the following assumptions
- i am less likely to move to recycle bin the wrong folder with the mouse than to rm -rf it in the console
- i trust X and KDE not to decide : hey ash logged in to us as root. lets abuse the power we've got and mke2fs his hard drive
- i can reinstall arch in few hours (of which most are spent in waiting for X and the desktop environment to download from the internet). i can also move the hard drive to another box and mount my home partition there. i can never restore the contents of my home folder. a non-root user still has access to all the stuff that cannot be restored. the os is less important
- if someone can access my computer from outside when i am root i suppose he can to this as well when i am user. this means the computer is insecure and not that i should not log in as root
- i dont run any servers like ssh / ftp / nfs and so on. and even if yes then i dont see how the identity of users currently logged in can affect the power that gets some1 who breaks into one of those servers
Offline
This only answers the question of a graphical file manager, but if you want to use something like Dolphin or Nautilus to delete files as root, you can use `kdesudo dolphin` for KDE and `gksudo nautilus` for GNOME.
[ lamy + pilot ] [ arch64 | wmii ] [ ati + amd ]
Offline
i open and close multiple windows and apps like text editor and konsole. i also want to run stuff like lilo quickly from alt F2
its simply another experience than when you have to kdesu for each thing you open
Offline
You browse the web as root?
Sounds like a strange way to simply have 'another experience'. Try another DM/WM instead, maybe?
Logging in as root is like running around with a loaded gun tucked into your belt. At best, maybe you'll only hurt someone else.
M*cr*s*ft: Who needs quality when you have marketing?
Offline
The best thing would be for you to continue using your desktop environment as root.
Sooner or later, you'll see for yourself why it's considered bad practice...just don't say we didn't warn ya
The day Microsoft makes a product that doesn't suck, is the day they make a vacuum cleaner.
--------------------------------------------------------------------------------------------------------------
But if they tell you that I've lost my mind, maybe it's not gone just a little hard to find...
Offline
There are a number of issues besides having read write access to the entire filesystem.
When you execute an application, the application (and all it's child processes) have the same rights that that user has. For example, say you open firefox, firefox now has full administrative privileges to your entire filesystem. If you then visit a webpage which takes advantage of a vulnerability in FF or flash, then it could then take control of your machine.
This is obviously not a minor problem, and can be extended to a variety of similar scenarios.
As such it is FAR better and safer to run as a non-root user at all times. I rarely need to log in as root user on my desktop, the times I run sudo tend to be when editing system configuration, or running pacman. The rest of my user experience is fine, as my machine is correctly configured, I can open and close all the files mounted on external machines / drives and surprisingly all my documents are created with that user, so again no significant problems.
I would recommend that you get used to working as a standard user. It's much safer in the long run, plus you don't run the same risk of cocking your system up entirely by accident.
Offline
the question is why not to log in to root when you are up to maintenance of the computer. the 'other exprience' thing is in having full permissions to do whatever you want in the session
the question is not about normal use of the computer as root
i did use the desktop as root for my 1st few months in linux (i had some pernmissions issues and did not know about /etc/group). i did not screw up my system just cause i was root
i am normal user now only cause i want to let myself be less carefull in everything i do. but when i am up to manage the computer (and should think before i do) i want instant full control
Offline
I have no idea as to the solution, nor do I think it is a good idea, but let's stop debating the usefulness of what he wants and try to help
UPDATE: ... Just found the solution on Google. Search, please
I do HIGHLY recommend not doing this, though. All it takes is one malicious script. On the other hand, if you're a normal user with infrequent 'sudo'ing, you know to be suspicious when something wants root...
Offline
open a terminal and type su -, job done or just go to a different VC and do it there, dont know why you need to use X specifically as root to do maintenance
Offline
I don't see why it is bad myself as long as you don't do something stupid or connect to the internet. I personally wouldn't do it, not because I'm paranoid, but because I don't need root to do anything I do in X.
I mean, when you think about it, everyone who uses xdm runs a simple X environment as root.
But just don't get too comfortable in it.
Still, I must say I don't see why you would want to do so. Unless you want to run two X servers at the same time, you won't be able to do any normal stuff while doing admin stuff, which is probbably more of a pain than having to invoke sudo for everything you do.
Last edited by sokuban (2008-11-25 02:59:25)
Offline
Prediction...This year will be a very odd year!
Hard work does not kill people but why risk it: Charlie Mccarthy
A man is not complete until he is married..then..he is finished.
When ALL is lost, what can be found? Even bytes get lonely for a little bit! X-ray confirms Iam spineless!
Offline
open a terminal and type su -, job done or just go to a different VC and do it there, dont know why you need to use X specifically as root to do maintenance
Seconded.
Maybe, perhaps, you could grab a copy of the GNU Screen and Midnight Commander file manager and do your administration on the console.
Offline
Somebody mentioned you'll have to try it to see what it's like. Haha. That should be a huge hint. It's not just for general safety reasons. You're not just relying on yourself by running X as root, your relying on every last line of code in every application of your system to be perfect, and for your computer to execute them all perfectly, 100% of the time. These applications are full of scripts, intended write directories, permissions, etc. and alot of them are not perfectly refined. The vast majority were never meant to be used with X running as root. Same exact reason why you run makepkg as user. Think about that. You're protecting yourself as much from the well-meaning community of Linux as you are yourself, and from hackers. Why give direct system access to applications that don't want or even need it?
Maybe it's just me, but it seems I've had constant issues with Linux when running X as root, and almost no issues otherwise. That's the reason I tell people not to do it. Anyway, hope it worked out for you. I didn't get much of anything out of it except major headaches. Some people say they've never had problems I guess.
Offline
From much of the above comments, it's amazing that every puppy linux user's system isn't completely borked.
Offline
Puppy linux runs in ram so it can use root without having problems; simply reboot from cd and any problem is wiped.
A side note, have operated as root for five years in arch...see my post count...no problems.
Prediction...This year will be a very odd year!
Hard work does not kill people but why risk it: Charlie Mccarthy
A man is not complete until he is married..then..he is finished.
When ALL is lost, what can be found? Even bytes get lonely for a little bit! X-ray confirms Iam spineless!
Offline
Hello 11010010110,
You can even auto login to root if you wish, ( I am already loggig in as root for so many years without any problem, as I need full control over my computer). Just edit the file /usr/share/config/kdm/kdmrc.
My kdmrc is as follows
[General]
ConfigVersion=2.4
ConsoleTTYs=tty1,tty2,tty3,tty4,tty5,tty6
PidFile=/var/run/kdm.pid
ReserveServers=:1,:2,:3
ServerVTs=-7
StaticServers=:0
[Shutdown]
BootManager=None
HaltCmd=/sbin/halt
RebootCmd=/sbin/reboot
[X-*-Core]
AllowNullPasswd=false
AllowRootLogin=true
AllowShutdown=Root
AutoReLogin=false
ClientLogFile=.xsession-errors-%d
Reset=/usr/share/config/kdm/Xreset
Session=/usr/share/config/kdm/Xsession
SessionsDirs=/usr/share/config/kdm/sessions,/usr/share/apps/kdm/sessions
Setup=/usr/share/config/kdm/Xsetup
Startup=/usr/share/config/kdm/Xstartup
[X-*-Greeter]
AntiAliasing=true
BackgroundCfg=/usr/share/config/kdm/backgroundrc
ColorScheme=
FaceSource=PreferAdmin
FailFont=Sans Serif,10,-1,5,75,0,0,0,0,0
FocusPasswd=true
ForgingSeed=1243553246
GUIStyle=
GreetFont=Serif,20,-1,5,50,0,0,0,0,0
GreetString=Welcome to %s at %n
GreeterPos=50,50
HiddenUsers=
Language=en_US
LogoArea=Logo
LogoPixmap=/usr/share/apps/kdm/pics/kdelogo.png
MaxShowUID=65000
MinShowUID=0
Preloader=/usr/bin/preloadkde
PreselectUser=Previous
SelectedUsers=???????,root
ShowUsers=Selected
SortUsers=true
StdFont=Verdana,10,-1,5,50,0,0,0,0,0
Theme=/usr/share/apps/kdm/themes/circles
UseBackground=true
UseTheme=true
UserCompletion=false
UserList=true
[X-:*-Core]
AllowNullPasswd=true
AllowShutdown=All
NoPassEnable=false
NoPassUsers=
ServerArgsLocal=-nolisten tcp
ServerCmd=/usr/bin/X
[X-:*-Greeter]
AllowClose=false
DefaultUser=avahi
FocusPasswd=true
LoginMode=DefaultLocal
PreselectUser=Previous
[X-:0-Core]
AutoLoginEnable=true
AutoLoginLocked=false
AutoLoginPass=?????????
AutoLoginUser=root
ClientLogFile=.xsession-errors
[Xdmcp]
Enable=false
Willing=/usr/share/config/kdm/Xwilling
Xaccess=/usr/share/config/kdm/Xaccess
Offline
Offline
Pages: 1
Topic closed