You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2009-04-23 04:15:28
- darthaxul
- Member
- Registered: 2008-09-24
- Posts: 156
user vs system accounts
http://wiki.archlinux.org/index.php/Dis … o_password
I was researching this stuff and wanted to know why linux integrates user accounts with system accounts.
For me it makes more sense to separate the two, system accounts only run stuff; user accounts to manage everything.
For example like root, full controll over the system and yet people can log on with it. Shouldn't there be some kind of separation for lack of a better term, between the two. And also its just plain confusing whenever more than 1 person is logged on as root because (by default) theres no way of auditing users like that. I'm wondering it just might be a comprimise between having a universal OS that everyone can understand.
Offline
#2 2009-04-23 05:35:15
- fukawi2
- Ex-Administratorino
- From: .vic.au
- Registered: 2007-09-28
- Posts: 6,231
- Website
Re: user vs system accounts
I don't understand your question... What do you mean "Linux integrates user accounts with system accounts"? Are you saying users shouldn't be allowed to execute things? How would anything work?
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
#3 2009-04-23 06:09:32
- tomk
- Forum Fellow
- From: Ireland
- Registered: 2004-07-21
- Posts: 9,839
Re: user vs system accounts
darthaxul - root is not a system account. root is a user, often referred to as the superuser. There are some things that can only be done by root, and they're not going to get done unless someone logs on as root, so that's why "people can log on with it".
System accounts are those that are used exclusively by applications installed on your system, e.g. the hal, dbus and http accounts. These are not accessible by ordinary users.
Offline
#4 2009-04-23 18:26:32
- darthaxul
- Member
- Registered: 2008-09-24
- Posts: 156
Re: user vs system accounts
Like when I start the computer, log on as my desktop user; there are programs and services running as root. Its just wrong if u think about it, and misleading, root never logged on and ran those programs, it was the system that runs those root-priveledged programs, so why not call those root-priveledged programs a different name other that root? and when the user root does actually log on and run things, people know that it is a user, and not a system program.
For me it makes sense to get rid of the root account completely(or make it a system account only), thereby separating user accounts from system/daemon accounts, and impliment a delegation/promotional type of system similar to sudo. The priveledged users would be able to start programs and install system stuff.
Offline
#5 2009-04-23 21:56:31
- sand_man
- Member
- From: Australia
- Registered: 2008-06-10
- Posts: 2,164
Re: user vs system accounts
Umm...is it really that big of a deal? Is it confusing you?
Offline
#6 2009-04-23 22:44:56
- fukawi2
- Ex-Administratorino
- From: .vic.au
- Registered: 2007-09-28
- Posts: 6,231
- Website
Re: user vs system accounts
Like when I start the computer, log on as my desktop user; there are programs and services running as root. Its just wrong if u think about it, and misleading, root never logged on and ran those programs
Well ideally, each of these processes that was started by init (which was running as root because it needs the privileges of root) should be running as their own user (eg, web server running as http, MySQL running as mysql etc) but a lot of these services do actually require root privileges for one reason or another. If you were to rewrite the kernel to support a 'root' user account and a 'root' system account, you've just doubled the risk of someone gaining superuser access to the system.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Pages: 1