Arch and community's attitude towards 'root'

Dumbledore · 2011-07-26 14:45:37

Dear *,

I've been debating this with myself for a long time. I use the 'root' account. Don't hang me yet. I'm still making up my mind. Which is why this thread.

I've used Ubuntu for some time before I came to ArchLand. There we obviously work as mundane 'user's. The problem is I find sudo doesn't let me 'do' anything much. When I started with Arch, I found myself at home in the root account and have always stayed that way. I've read a lot on the security issues with the root account but I'm still not sold. Most people only preach it as gospel. Some people give valid reasons. But Arch is the only distro where I've found that people preach the least. About this as well as other things. So I thought it'll be a good quality control to receive criticism and support here.

The reasons I've usually seen are thus:

> You'll end up deleting something really important belonging to:

>> You: My defence to that is that I can do that similarly stupidly on my /home/username/ files anyway! Right! So just because I'm using sudo does not save me from deleting my own files anyway. And I keep a double backup not more than a few days old at all times!

>> Someone else: Now, I use a laptop that "only" I work on. And I don't think that anyone will ever work on my laptop (too possessive about my machine!) at least as a permanent user to warrant his/her own /home setup. So that is no problem either.

>> System: Now, I agree to this completely as a risk. However in my now considerable use of linux, I've ended up breaking my system only a few times, most of which happened in Ubuntu with sudo most probably because I was new and inexperienced in *nix way of doing things. Going as root has taught me in stead to be extra careful as a second nature. Even then, I believe that one can not be too cautious. However, I have multiple views on this:

>>> Since these are system files we are talking about, even if I was running as a user, I'd be using sudo to work with them, which means if I was being stupid I'll mess up anyway and sudo won't 'magically' save me from my own foolishness.
>>> I find that even if I mess up my system once in 6 months (which I don't, but just for argument's sake), the productivity loss in terms of taking a day to setup Arch back (with my backups) is MUCH less than the productivity loss I've always experienced in running with sudo. I keep forgetting prepending sudo, writing scripts is a pain with all those exotic options, etc. etc. I know I can edit the sudoers file but that just beats the principle of sudo anyway! Innit?

> Malignant software: Now this is another area where I don't see how sudo is really useful at all. If I'm running code from someone else, it'll usually come from the Arch or AUR repositories. Not that that is foolproof, but come on, you guys and the open-source community _are_ awesome! Plus ESR's eyeball argument. We know malignant software is _almost_ unprecedented in Linux. Also, again, sounding like a broken record, I'd be using sudo to install (and probably run) that software which leaves me with no safety once the password has been entered.

> The only "really" dangerous reason I've ever come across that I don't have a good rationalization or counter-argument against is: virii and the possibility of someone taking over the machine virtually (rootkits or something else) and using my stupidity of running as root to use my machine to launch attacks against others. Now this I can't argue against. I don't know how possible this is under the present scenario (boy, I hope not much!) but I'd like to know from you guys. What do you think about this risk. Is there any benefit of running as sudo or root here? Plus I don't want others to be hurt because of my stupidity in the FOSS community.

So that is my dilemma. Will love to hear what you guys think about this issue. If you think I'm deluding myself with what I said above, please explain how and I'll be indebted. If you think there are more reasons to run as sudo or root, I'd love to hear. Even though I think sudo is a big pain in the a**, I don't mind living with it if I'm convinced that it is "sufficiently" more secure to offset the pain in the a**.

Just last thing, I also hate that I can't use gnome-screensaver with root. I know and _agree_ with the reasons for that. Just saying.

Last edited by Dumbledore (2011-07-26 14:46:09)

litemotiv · 2011-07-26 14:51:15

Moving this to GNU/Linux Discussion since it goes beyond Arch.

Dumbledore · 2011-07-26 14:52:52

Umm.. Oops! and Thanks!

tomk · 2011-07-26 14:54:52

Others may try to convince you it's stupid to use root, but not me. Apparently, you've convinced yourself it's OK, so go ahead - it's your system, your risk.

Inxsible · 2011-07-26 14:55:32

tomk wrote:

Others may try to convince you it's stupid to use root, but not me. Apparently, you've convinced yourself it's OK, so go ahead - it's your system, your risk.

Amen !

You break it, you buy it !

Things to think about : network security. If you are never going to get to the internet, you are probably alright. But if you are going to use root account and connect to a network, you might wanna make sure that you also have network security down pat. That would include your router/switch etc. as well.

Cyrusm · 2011-07-26 14:59:53

Generally speaking, the members of the Arch community don't like telling other people how to live their lives. It's your box, you may manage it in any wacky and creative way that you see fit. In my opinion, there are several distinct security reasons for using sudo, or at least primarily using a user account as opposed to the root account; however, you have hit most of the major points and I see no reason to argue with you in those regards.

One advantage to using a user account is having your user account on a separate hard drive partition from root. This will enable you to more easily rescue your system with minimal risk of loss of personal data should something happen to your root files. along similar lines, with a separate user partition you may more easily install alternate linux distributions while maintaining your same home directory.

Dumbledore · 2011-07-26 15:00:31

I do _lean_ towards root; I admit. Also, I'm happy to take the risk that affects only me.

But as I asked at the end, am I a substantial risk for other people by being connected to the network while running as root? Wish someone'll clarify.

karol · 2011-07-26 15:01:41

You need regular, tested backups anyway, right? No shame in using them from time to time :-P

Last edited by karol (2011-07-26 15:01:54)

Dumbledore · 2011-07-26 15:02:09

Cyrusm wrote:

One advantage to using a user account is having your user account on a separate hard drive partition from root. This will enable you to more easily rescue your system with minimal risk of loss of personal data should something happen to your root files. along similar lines, with a separate user partition you may more easily install alternate linux distributions while maintaining your same home directory.

Thanks Cyrusm. I do that presently. I mean keep /root on a seperate partition. Learned it after screwing up my Ubuntu installs.

Last edited by Dumbledore (2011-07-26 15:04:21)

WorMzy · 2011-07-26 15:05:04

tl;dr it all

Dumbledore wrote:

The problem is I find sudo doesn't let me 'do' anything much.

Then you're doing it wrong.

I see no reason to run everything as root, but each to their own.

Dumbledore · 2011-07-26 15:09:22

WorMzy wrote:

tl;dr it all
Then you're doing it wrong.

tl;dr???

Care to explain the wrong part. Right now, I'm looking for opinions so won't mind helpful criticism.

Inxsible · 2011-07-26 15:09:59

oh I just remembered one thing that can hit you:

It is recommended and implored that you NOT use the root account or even sudo to install anything from AUR. So I can upload PKGBUILDS that screw up your root drive in some way and if you were to ever install a package which is malicious you would have to make use of your latest backups wasting precious time. If this were to happen when you have to finish up a report or when you have to finish some work, it can be tedious.

bottom line : Make sure you understand each and every line of the PKGBUILD if and when you install any package from AUR. (and never install any of the packages that I maintain --now that i know you are using a root account -- I am changing all my packages to screw you over )

WorMzy · 2011-07-26 15:14:47

Yeah, I'm lazy.

I can't really explain the wrong part without knowing why you think that sudo won't let you do anything. So long as you're set up sudoers (and added yourself to wheel, if necessary), sudo will let you do anything that the root account is capable of doing. If you need to run several commands as root, then you can still use su (or sudo -i) to get a root shell, so you don't have to prepend "sudo" onto every command.

karol · 2011-07-26 15:18:48

Inxsible wrote:

bottom line : Make sure you understand each and every line of the PKGBUILD if and when you install any package from AUR. (and never install any of the packages that I maintain --now that i know you are using a root account -- I am changing all my packages to screw you over )

Inxsible, are you a Forum Admin or a Fscking A******? ;P

@OP
http://en.wikipedia.org/wiki/Principle_ … _privilege

Last edited by karol (2011-07-26 15:23:28)

Cloudef · 2011-07-26 15:18:53

If you run everything as root, especially some application that has security hole. Somebody can gain access to your whole system through that application. However if not access to whole system, they can do some other bad things since the application runs as root.

or, someday you grab a binary from net and do ./some_binary and ta-dah `rm -rf /` then again this can also be avoided by common sense.

However, I doubt anyone will attack your system personally.

Last edited by Cloudef (2011-07-26 15:20:32)

lifeafter2am · 2011-07-26 15:27:41

Dumbledore wrote:

Dear *,
I've been debating this with myself for a long time. I use the 'root' account. Don't hang me yet. I'm still making up my mind. Which is why this thread.
I've used Ubuntu for some time before I came to ArchLand. There we obviously work as mundane 'user's. The problem is I find sudo doesn't let me 'do' anything much. When I started with Arch, I found myself at home in the root account and have always stayed that way. I've read a lot on the security issues with the root account but I'm still not sold. Most people only preach it as gospel. Some people give valid reasons. But Arch is the only distro where I've found that people preach the least. About this as well as other things. So I thought it'll be a good quality control to receive criticism and support here.
The reasons I've usually seen are thus:
> You'll end up deleting something really important belonging to:
>> You: My defence to that is that I can do that similarly stupidly on my /home/username/ files anyway! Right! So just because I'm using sudo does not save me from deleting my own files anyway. And I keep a double backup not more than a few days old at all times!
>> Someone else: Now, I use a laptop that "only" I work on. And I don't think that anyone will ever work on my laptop (too possessive about my machine!) at least as a permanent user to warrant his/her own /home setup. So that is no problem either.
>> System: Now, I agree to this completely as a risk. However in my now considerable use of linux, I've ended up breaking my system only a few times, most of which happened in Ubuntu with sudo most probably because I was new and inexperienced in *nix way of doing things. Going as root has taught me in stead to be extra careful as a second nature. Even then, I believe that one can not be too cautious. However, I have multiple views on this:
>>> Since these are system files we are talking about, even if I was running as a user, I'd be using sudo to work with them, which means if I was being stupid I'll mess up anyway and sudo won't 'magically' save me from my own foolishness.
>>> I find that even if I mess up my system once in 6 months (which I don't, but just for argument's sake), the productivity loss in terms of taking a day to setup Arch back (with my backups) is MUCH less than the productivity loss I've always experienced in running with sudo. I keep forgetting prepending sudo, writing scripts is a pain with all those exotic options, etc. etc. I know I can edit the sudoers file but that just beats the principle of sudo anyway! Innit?

While this is indeed a risk, it is not the most critical one. I have, as you said, totally f'ed up system files using sudo as well; but it does prevent you from the hassle of rm -rvf in the wrong directory.

> Malignant software: Now this is another area where I don't see how sudo is really useful at all. If I'm running code from someone else, it'll usually come from the Arch or AUR repositories. Not that that is foolproof, but come on, you guys and the open-source community _are_ awesome! Plus ESR's eyeball argument. We know malignant software is _almost_ unprecedented in Linux. Also, again, sounding like a broken record, I'd be using sudo to install (and probably run) that software which leaves me with no safety once the password has been entered.

Malignant software is unprecedented BECAUSE of the permissions system. I can show you tons of rootkits / key loggers / etc., but unless you are running as root, they can't touch important system files. This includes running programs like Firefox, Chrome, etc. There is a reason that infections have changed in the Windows 7 era (moving to looking more like legit programs vs straight infections), and that is because they now have a permission system that makes the user do something before anything can be installed / modified at the system level. As for using the AUR, you better know how to read the PKGBUILD and INSTALL files if you are using sudo .... and even then you really shouldn't be using sudo with the AUR. Of course, to be fair, without package signing, the argument could also be made that you shouldn't install anything from the repo's either .... but that's another topic entirely.

> The only "really" dangerous reason I've ever come across that I don't have a good rationalization or counter-argument against is: virii and the possibility of someone taking over the machine virtually (rootkits or something else) and using my stupidity of running as root to use my machine to launch attacks against others. Now this I can't argue against. I don't know how possible this is under the present scenario (boy, I hope not much!) but I'd like to know from you guys. What do you think about this risk. Is there any benefit of running as sudo or root here? Plus I don't want others to be hurt because of my stupidity in the FOSS community.

Look, its your risk; and it's totally feasable that because you wish to run as someone who has uber access to everything that you can get hacked. There is a reason that the permission systems put in place in *NIX systems are copied and used throughout other systems. Especially if you take place in things like torrenting / visiting iffy sites (even pr0n) etc. And god help you if you don't have a strong firewall!!

So that is my dilemma. Will love to hear what you guys think about this issue. If you think I'm deluding myself with what I said above, please explain how and I'll be indebted. If you think there are more reasons to run as sudo or root, I'd love to hear. Even though I think sudo is a big pain in the a**, I don't mind living with it if I'm convinced that it is "sufficiently" more secure to offset the pain in the a**.
Just last thing, I also hate that I can't use gnome-screensaver with root. I know and _agree_ with the reasons for that. Just saying.

Look, hands down its your choice; and it seems like you made your decision, you are the one who has to live with them. Personally, I think its stupid, and presents needless risk. Heck, I love the fact that I can visit and screw around with stuff / sites that others can't, simply because of the bad-ass permission / firewalling that is inherent in my system. Personally I don't see how sudo is a PITA, but then again I have been using it since I started using Linux (close to 14 years), so maybe I am just used to it.

Leonid.I · 2011-07-26 15:29:29

Three observations:
1. What if you store your passwords/bank data/etc on the hard drive?
2. Some software like xscreensaver is not going to run as root.
3. You have quite strange admin style if you have to touch system flles 10 times a day...
Regarding *buntu, I think that with the whole sudo stuff they actually nuked security rather than increase it. I have seen numerous *buntu users who just mindlessly fire up sudo <command> and have 6 char user passwords... what is the rationale?

Finally, this s quite strange discussion indeed, since even Microsoft appreciates priviledge separation these days.

ANOKNUSA · 2011-07-26 15:36:36

Your machine, your risk. I don't see the sense in it, but that's just paranoid ol' me, isn't it? The big risks have already been mentioned, namely leaving you open to rootkits and such and building packages as the root user. When it comes to other machines on a network, sure: someone could set up shop in your system and use it to gain access to other machines. This risk is substantially greater, though, if you're using public wifi or an LAN at work/school/whatever, than it is if you're sitting at home surfing. If you regularly connect to Windows systems, you could easily become a carrier for malware as someone uses your system as a hub, but that's a risk anyone who shares with a Windows box takes even as a regular user.

Dumbledore · 2011-07-26 15:39:56

Inxsible wrote:

It is recommended and implored that you NOT use the root account or even sudo to install anything from AUR. So I can upload PKGBUILDS that screw up your root drive in some way and if you were to ever install a package which is malicious you would have to make use of your latest backups wasting precious time. If this were to happen when you have to finish up a report or when you have to finish some work, it can be tedious.
bottom line : Make sure you understand each and every line of the PKGBUILD if and when you install any package from AUR. (and never install any of the packages that I maintain --now that i know you are using a root account -- I am changing all my packages to screw you over )

May be I should start taking you seriously. I do just take the AUR scripts on trust (or probably laziness). Will keep this in mind.

Dumbledore · 2011-07-26 15:48:29

WorMzy wrote:

Yeah, I'm lazy.
I can't really explain the wrong part without knowing why you think that sudo won't let you do anything. So long as you're set up sudoers (and added yourself to wheel, if necessary), sudo will let you do anything that the root account is capable of doing. If you need to run several commands as root, then you can still use su (or sudo -i) to get a root shell, so you don't have to prepend "sudo" onto every command.

Hmm.. I think it really boils down to the fact that I'm lazy too. I don't mind working with sudo at the prompt so much as taking care of it in the scripts. Like I said, I haven't done too much of it but when I tried doing it I was quite hassled. These days if I absolutely need it I write a regular script and then write a wrapper to call it with sudo.

This discussion has been helpful. I am thinking I should reconsider going back to being a mere mortal.

Inxsible · 2011-07-26 15:51:43

Dumblodore wrote:

This discussion has been helpful. I am thinking I should reconsider going back to being a mere mortal.

What !! No !!!

I am half way done in changing my PKGBUILDS. don't make me change them back again.

Dumbledore · 2011-07-26 15:51:53

lifeafter2am wrote:

Personally I don't see how sudo is a PITA, but then again I have been using it since I started using Linux (close to 14 years), so maybe I am just used to it.

I am sure that is it.
Although, it does tell me that a few years from now, I can say that to the naives like myself too.

Dumbledore · 2011-07-26 15:53:02

Inxsible wrote:

Dumblodore wrote:
This discussion has been helpful. I am thinking I should reconsider going back to being a mere mortal.
What !! No !!!
I am half way done in changing my PKGBUILDS. don't make me change them back again.

Go do that to Windoze lusers.

Inxsible · 2011-07-26 15:58:29

Dumbledore wrote:

But Arch is the only distro where I've found that people preach the least. About this as well as other things.

Dumbledore wrote:

This discussion has been helpful. I am thinking I should reconsider going back to being a mere mortal.

Do you realize what just happened here? We converted you without you realizing it and that too in under 20 posts !!

The power that Arch users hold !!!!

lilsirecho · 2011-07-26 16:01:11

I am soon 86 years old. I have been in Linux for 11 years. I run all my systems in root.

I have no fear of anyone usimng my computer since it isn't windows and have had no viruses nor intrusion from any source, packages or otherwise in all those years. Check my post numbers.

At present I have 79GB bootable raid0 archlinux...another non-appreciayed mode of operation.

It is also root.

Only drawback is some packages are not allowed to run in root.

Some have easy workarounds but not all.

Enjoy your root..........

Arch Linux

#1 2011-07-26 14:45:37

Arch and community's attitude towards 'root'

#2 2011-07-26 14:51:15

Re: Arch and community's attitude towards 'root'

#3 2011-07-26 14:52:52

Re: Arch and community's attitude towards 'root'

#4 2011-07-26 14:54:52

Re: Arch and community's attitude towards 'root'

#5 2011-07-26 14:55:32

Re: Arch and community's attitude towards 'root'

#6 2011-07-26 14:59:53

Re: Arch and community's attitude towards 'root'

#7 2011-07-26 15:00:31

Re: Arch and community's attitude towards 'root'

#8 2011-07-26 15:01:41

Re: Arch and community's attitude towards 'root'

#9 2011-07-26 15:02:09

Re: Arch and community's attitude towards 'root'

#10 2011-07-26 15:05:04

Re: Arch and community's attitude towards 'root'

#11 2011-07-26 15:09:22

Re: Arch and community's attitude towards 'root'

#12 2011-07-26 15:09:59

Re: Arch and community's attitude towards 'root'

#13 2011-07-26 15:14:47

Re: Arch and community's attitude towards 'root'

#14 2011-07-26 15:18:48

Re: Arch and community's attitude towards 'root'

#15 2011-07-26 15:18:53

Re: Arch and community's attitude towards 'root'

#16 2011-07-26 15:27:41

Re: Arch and community's attitude towards 'root'

#17 2011-07-26 15:29:29

Re: Arch and community's attitude towards 'root'

#18 2011-07-26 15:36:36

Re: Arch and community's attitude towards 'root'

#19 2011-07-26 15:39:56

Re: Arch and community's attitude towards 'root'

#20 2011-07-26 15:48:29

Re: Arch and community's attitude towards 'root'

#21 2011-07-26 15:51:43

Re: Arch and community's attitude towards 'root'

#22 2011-07-26 15:51:53

Re: Arch and community's attitude towards 'root'

#23 2011-07-26 15:53:02

Re: Arch and community's attitude towards 'root'

#24 2011-07-26 15:58:29

Re: Arch and community's attitude towards 'root'

#25 2011-07-26 16:01:11

Re: Arch and community's attitude towards 'root'

Board footer