Arch and community's attitude towards 'root'

lifeafter2am · 2011-07-26 16:01:22

Inxsible wrote:

The power that Arch users hold !!!!

Muhahahahaha

lilsirecho · 2011-07-26 16:09:02

Another thing not recommended....I am using not one but five Compact Flash devices in my bootable raid0 archlinux system.....

lilsirecho · 2011-07-26 16:21:29

x86_64 as well.....

Dumbledore · 2011-07-26 16:38:39

Inxsible wrote:

Dumbledore wrote:
But Arch is the only distro where I've found that people preach the least. About this as well as other things.
Dumbledore wrote:
This discussion has been helpful. I am thinking I should reconsider going back to being a mere mortal.
Do you realize what just happened here? We converted you without you realizing it and that too in under 20 posts !!
The power that Arch users hold !!!!

Not without me realizing it. If I didn't at least half want to convert, I would never have started this thread anyway. And I listened because there weren't comments like "never run as root", "you are stupid if you run as root", (and my favorite one) "you don't know what you are doing if you run as root"! That one's just plain old silly.

Dumbledore · 2011-07-26 16:42:05

lilsirecho wrote:

I am soon 86 years old. I have been in Linux for 11 years. I run all my systems in root.
I have no fear of anyone usimng my computer since it isn't windows and have had no viruses nor intrusion from any source, packages or otherwise in all those years. Check my post numbers.
At present I have 79GB bootable raid0 archlinux...another non-appreciayed mode of operation.
It is also root.
Only drawback is some packages are not allowed to run in root.
Some have easy workarounds but not all.
Enjoy your root..........

I've had a real good stint with root as well. But I think it's not about determining how many disasters have happened but more about knowing what is waiting to happen. [Did I just do that? Argue against my own stand. ]

Awebb · 2011-07-26 16:57:18

lilsirecho wrote:

x86_64 as well.....

I didn't realize there are 64bit punchcards :-D

karol · 2011-07-26 17:02:21

Awebb wrote:

lilsirecho wrote:
x86_64 as well.....
I didn't realize there are 64bit punchcards :-D

They actually hold 80 bits each, but some of the capacity is used for error correction.

@Everyone
I don't want to hijack the thread, but I've hard that in Puppy Linux user does everything as root. Is it true? Your thoughts?

Last edited by karol (2011-07-26 17:02:35)

Leonid.I · 2011-07-26 22:50:41

Yes, according to my experience from 2 year ago (can't remember which puppy that was). I vaguely remember the same being true for SystemRescueCD. But then again, these distros are only used as a rescue tool and not suited for a desktop. For example, puppy does not even have 64bit flavor...

skottish · 2011-07-27 01:19:27

lifeafter2am wrote:

... snip ...
Malignant software is unprecedented BECAUSE of the permissions system. I can show you tons of rootkits / key loggers / etc., but unless you are running as root, they can't touch important system files. This includes running programs like Firefox, Chrome, etc. There is a reason that infections have changed in the Windows 7 era (moving to looking more like legit programs vs straight infections), and that is because they now have a permission system that makes the user do something before anything can be installed / modified at the system level.
... snip ...

I'd like to add to this excellent point with a complimentary statement: Windows viruses are as pervasive as they are because of users running as the administrator. It made attacking Windows users so easy for people with even the most basic intent. Windows 7 does help a lot, but the momentum is huge and the skill level of attackers was given plenty of time to develop. Now that the number of *nix users is growing and general apathy towards security is setting in, the community at large is becoming ripe for attack.

ANOKNUSA · 2011-07-27 02:38:13

Well, it looks like you've gotten a decent chunk of advice to work with, Dumbledore, so I'll just add one more caveat of working in root that occured to me earlier. Some apps--such as a file manager or music player--will bypass some of their safeguards when used in root, e.g. trash for deleted files and verification in id3/flac tag editors that alter file names. I've fallen prey to this (that is, made this stupid mistake) myself.

Dumbledore · 2011-07-27 02:43:22

ANOKNUSA wrote:

Well, it looks like you've gotten a decent chunk of advice to work with, Dumbledore, so I'll just add one more caveat of working in root that occured to me earlier. Some apps--such as a file manager or music player--will bypass some of their safeguards when used in root, e.g. trash for deleted files and verification in id3/flac tag editors that alter file names. I've fallen prey to this (that is, made this stupid mistake) myself.

I had no idea that could happen too. Really?

Meyithi · 2011-07-27 03:40:30

If King Midas had sudo he would have used it.

Larsson · 2011-07-27 05:45:50

On my server I use su to login as root, since I only connect to it to do administrative work. In that senario, why not use root (although ssh goes to user account first).

About your question. If it is a pain in the butt to use sudo to administer the system some times a day, then go for root, simple as that.
But if that is not a problem, then why not use a user account. Saves you all of this thinking...

adaptee · 2011-07-28 15:29:15

I do not use root because I think most users do not use it . So when I encounter some problem, the chance of getting help from non-root users is supposed to be much higher than from root users.

That is it.

Inxsible · 2011-07-28 15:35:08

adaptee wrote:

I do not use root because I think most users do not use it . So when I encounter some problem, the chance of getting help from non-root users is supposed to be much higher than from root users.
That is it.

What the ......?

Dumbledore · 2011-07-28 15:58:29

hitest · 2011-07-28 23:01:06

Dumbledore wrote:

> The only "really" dangerous reason I've ever come across that I don't have a good rationalization or counter-argument against is: virii and the possibility of someone taking over the machine virtually (rootkits or something else) and using my stupidity of running as root to use my machine to launch attacks against others. Now this I can't argue against. I don't know how possible this is under the present scenario (boy, I hope not much!) but I'd like to know from you guys. What do you think about this risk. Is there any benefit of running as sudo or root here? Plus I don't want others to be hurt because of my stupidity in the FOSS community.

I'm not going to tell you what to do. It is your machine. Just curious do you run a firewall (hardware or software) on your Arch box? It might be an idea to check for rootkits on occasion. Just a thought.

homeblend · 2011-08-04 21:26:20

One little question. How can running root allow you to be infected by a root kit or key logger. Surely you'd have to install it, and couldn't you easliy install one (for some perverse reason) using sudo?

anonymous_user · 2011-08-04 21:30:39

Perhaps an exploit in a browser or plugin that allows a program to execute?

tlvb · 2011-08-04 22:46:23

Dumbledore wrote:

---8<---
> Malignant software: Now this is another area where I don't see how sudo is really useful at all. If I'm running code from someone else, it'll usually come from the Arch or AUR repositories. Not that that is foolproof, but come on, you guys and the open-source community _are_ awesome! Plus ESR's eyeball argument. We know malignant software is _almost_ unprecedented in Linux. Also, again, sounding like a broken record, I'd be using sudo to install (and probably run) that software which leaves me with no safety once the password has been entered.
---8<---

In most (popular) distros today, installing applications is usually different from running them, in the respect that there is an original developer that has made the application and then a maintainer has packaged it for that distribution. Often no parts of the program is run during the installation (which is the part that is run with superuser privileges if not using root all the time)
Example:

Case 1: The application is legit, but a certain unnamed forum admin has sneaked an rm -rf / into the PKGBUILD
Case 2: The application contains a rm -rf /, but the PKGBUILD does nothing except moving the program to /bin or something like that.

In case 1 you get a valuable lesson on the subject of why it is good to audit PKGBUILDs
In case 2 you get a valuable lesson on the subject of why it is good to not run applications as root unless you need to.

The commands may be executed as results of bugs, and do not even have to have been consciously put there to do harm.

(I haven't actually tested the above, certain systems have safeguards that e.g. detect an rm -rf / command, my point still stands, it is nothing that an application with superuser acces cannot work around.)

Last edited by tlvb (2011-08-04 22:52:06)

Dumbledore · 2011-08-05 10:35:15

hitest wrote:

Dumbledore wrote:
> The only "really" dangerous reason I've ever come across that I don't have a good rationalization or counter-argument against is: virii and the possibility of someone taking over the machine virtually (rootkits or something else) and using my stupidity of running as root to use my machine to launch attacks against others. Now this I can't argue against. I don't know how possible this is under the present scenario (boy, I hope not much!) but I'd like to know from you guys. What do you think about this risk. Is there any benefit of running as sudo or root here? Plus I don't want others to be hurt because of my stupidity in the FOSS community.
I'm not going to tell you what to do. It is your machine. Just curious do you run a firewall (hardware or software) on your Arch box? It might be an idea to check for rootkits on occasion. Just a thought.

I do have a software firewall installed. Plus I have scheduled jobs to look for rootkits using rkhunter.

Dumbledore · 2011-08-05 10:36:55

tlvb wrote:

Dumbledore wrote:
---8<---
> Malignant software: Now this is another area where I don't see how sudo is really useful at all. If I'm running code from someone else, it'll usually come from the Arch or AUR repositories. Not that that is foolproof, but come on, you guys and the open-source community _are_ awesome! Plus ESR's eyeball argument. We know malignant software is _almost_ unprecedented in Linux. Also, again, sounding like a broken record, I'd be using sudo to install (and probably run) that software which leaves me with no safety once the password has been entered.
---8<---
In most (popular) distros today, installing applications is usually different from running them, in the respect that there is an original developer that has made the application and then a maintainer has packaged it for that distribution. Often no parts of the program is run during the installation (which is the part that is run with superuser privileges if not using root all the time)
Example:
Case 1: The application is legit, but a certain unnamed forum admin has sneaked an rm -rf / into the PKGBUILD
Case 2: The application contains a rm -rf /, but the PKGBUILD does nothing except moving the program to /bin or something like that.
In case 1 you get a valuable lesson on the subject of why it is good to audit PKGBUILDs
In case 2 you get a valuable lesson on the subject of why it is good to not run applications as root unless you need to.
The commands may be executed as results of bugs, and do not even have to have been consciously put there to do harm.
(I haven't actually tested the above, certain systems have safeguards that e.g. detect an rm -rf / command, my point still stands, it is nothing that an application with superuser acces cannot work around.)

I can only agree with you here.

Cloudef · 2011-08-05 12:22:26

The installation progress Could be made bit safer if PKGBUILD system would sandbox them to known installation locations
(eg. they can't affect things outside of their install prefix) And usually these are /usr/bin/<pkgname> /usr/share/<pkgname>, etc.

These could also be defined on some array, but yeah.. Point stands, use common sense and check the PKGBUILDs especially if you download from some dodgy place

Last edited by Cloudef (2011-08-05 12:23:10)

karol · 2011-08-05 14:14:42

Cloudef wrote:

The installation progress Could be made bit safer if PKGBUILD system would sandbox them to known installation locations
(eg. they can't affect things outside of their install prefix) And usually these are /usr/bin/<pkgname> /usr/share/<pkgname>, etc.
These could also be defined on some array, but yeah.. Point stands, use common sense and check the PKGBUILDs especially if you download from some dodgy place

It might be relevant to this discussion: https://bbs.archlinux.org/viewtopic.php?id=123754

Arch Linux

#26 2011-07-26 16:01:22

Re: Arch and community's attitude towards 'root'

#27 2011-07-26 16:09:02

Re: Arch and community's attitude towards 'root'

#28 2011-07-26 16:21:29

Re: Arch and community's attitude towards 'root'

#29 2011-07-26 16:38:39

Re: Arch and community's attitude towards 'root'

#30 2011-07-26 16:42:05

Re: Arch and community's attitude towards 'root'

#31 2011-07-26 16:57:18

Re: Arch and community's attitude towards 'root'

#32 2011-07-26 17:02:21

Re: Arch and community's attitude towards 'root'

#33 2011-07-26 22:50:41

Re: Arch and community's attitude towards 'root'

#34 2011-07-27 01:19:27

Re: Arch and community's attitude towards 'root'

#35 2011-07-27 02:38:13

Re: Arch and community's attitude towards 'root'

#36 2011-07-27 02:43:22

Re: Arch and community's attitude towards 'root'

#37 2011-07-27 03:40:30

Re: Arch and community's attitude towards 'root'

#38 2011-07-27 05:45:50

Re: Arch and community's attitude towards 'root'

#39 2011-07-28 15:29:15

Re: Arch and community's attitude towards 'root'

#40 2011-07-28 15:35:08

Re: Arch and community's attitude towards 'root'

#41 2011-07-28 15:58:29

Re: Arch and community's attitude towards 'root'

#42 2011-07-28 23:01:06

Re: Arch and community's attitude towards 'root'

#43 2011-08-04 21:26:20

Re: Arch and community's attitude towards 'root'

#44 2011-08-04 21:30:39

Re: Arch and community's attitude towards 'root'

#45 2011-08-04 22:46:23

Re: Arch and community's attitude towards 'root'

#46 2011-08-05 10:35:15

Re: Arch and community's attitude towards 'root'

#47 2011-08-05 10:36:55

Re: Arch and community's attitude towards 'root'

#48 2011-08-05 12:22:26

Re: Arch and community's attitude towards 'root'

#49 2011-08-05 14:14:42

Re: Arch and community's attitude towards 'root'

Board footer