You are not logged in.

#1 2009-11-10 20:53:50

milomak
Member
Registered: 2009-11-04
Posts: 61

Dangers of running yaourt as root?

it asks for the sudo password (on my system only the root password makes sudo work). So what can it do when I am logged in as root that it can't do when I give the sudo password?

Offline

#2 2009-11-10 21:12:14

loafer
Member
From: the pub
Registered: 2009-04-14
Posts: 1,772

Re: Dangers of running yaourt as root?

Post your sudoers file.  As far as I know it should authenticate the user who is running sudo, not root. 

Basically it can do the same things. 

The benefits are, for example:

(1) You have to consciously choose to use sudo (rather than staying logged in as root).
(2) Once the command completes you no longer have root privileges.
(3) It will time out and you need to re-enter the password when running sudo again.
(4) You can restrict which users have access to do certain things

etc.

Last edited by loafer (2009-11-10 21:14:54)


All men have stood for freedom...
For freedom is the man that will turn the world upside down.
Gerrard Winstanley.

Offline

#3 2009-11-10 21:17:31

tomk
Forum Fellow
From: Ireland
Registered: 2004-07-21
Posts: 9,839

Re: Dangers of running yaourt as root?

You should build packages as user, not root - regardless of the choice of build tool.

You only need to be root to install packages.

Offline

#4 2009-11-10 21:20:15

milomak
Member
Registered: 2009-11-04
Posts: 61

Re: Dangers of running yaourt as root?

tomk wrote:

You should build packages as user, not root - regardless of the choice of build tool.

You only need to be root to install packages.

what's the thinking behind this?

Offline

#5 2009-11-10 21:36:16

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,237
Website

Re: Dangers of running yaourt as root?

milomak wrote:
tomk wrote:

You should build packages as user, not root - regardless of the choice of build tool.

You only need to be root to install packages.

what's the thinking behind this?

Security of your system. If you aren't root while building a package, then a poorly written PKGBUILD or configure script etc can't wipe out /usr or similar (rm -Rf / perhaps)

You have to be root to allow installation to /usr and /bin etc but if you only upgrade to root for this stage, then pacman can perform it's normal 'safety' checks such as not overwriting existing files (that don't belong to the package you are installing / upgrading).

Last edited by fukawi2 (2009-11-10 21:36:41)

Offline

#6 2009-11-10 22:26:43

sand_man
Member
From: Australia
Registered: 2008-06-10
Posts: 2,164

Re: Dangers of running yaourt as root?

The bottom line is, you only need to be logged in as or use the root account for the absolute bare minimum for security reasons.
That is why some distros actually disable the root account (not that I agree with this).


neutral

Offline

Board footer

Powered by FluxBB