On Thu, 31 Jul 2003, James Sparenberg wrote: > On Thu, 2003-07-31 at 13:24, Bill Mullen wrote: > > On Thu, 31 Jul 2003, Felix Miata wrote: > > > > > Looks like this is my only option. I can't figure out any way to > > > tell mdkKDM I want to login as root instead of regular user. > > > > I hate to bring up something that's been rehashed over and over again > > in so many forums, but I must ask, why do you feel any need at *all* > > to log into a full-blown X session as root? I have /never/ needed to > > do this (I'm not saying I've never done it, just that in retrospect > > I've never *needed* to, and I haven't done so for a very long time > > now). Frankly I just don't understand how this can ever be neccessary, > > or even all that helpful, to anyone; the risks, OTOH, are considerable > > and, to my way of thinking, are entirely and easily avoidable merely > > by never doing that. > > > > Enlighten me, would you? :) > > It's his box... he want's to. That is all the reason in the world.
If he wants to, fine. If someone else wants to tell him how, fine. I was merely trying to get him to examine his thinking, and perhaps come to the realization that he is taking risks of which he may not be aware by doing this, and that there are safer alternative ways to do what he wants done. That seems to me to be a worthwhile effort, and experience that is worth imparting to others whenever possible. I also take issue with the notion that this is Gatesian thinking; I never said he *couldn't* do it. What I tried to get across is that IMHO it is not a sound and justifiable systems administration practice to do so. I am fully aware that the details of how to accomplish it are readily available from a plethora of sources, and I was also fairly confident that someone else would come right along and provide them for him here. My concern was only that the inadvisability of it might not get brought up if I failed to mention it myself. So I did. > I've done it a number of times. Why?... I build boxes for people and > when I build the box it has no user. I nonetheless have to > configure/setup the box and the only option is to log in as root. > (much cleaner than creating / deleting a user just to su to root. and I > rarely know who I'm building it for, only that I have to build X number > of boxes.) I disagree that it is "much cleaner", as creating and then later deleting a user is such a trivial exercise. Moreover, I don't see how you can test the configuration of these boxes without creating a user, because without having done so, all you've determined is that everything works properly as root - which essentially tells you nothing about whether or not what you have set up will work just as you expect it to when logged in as a user. I see this as the central fallacy of the "I have to run X as root" mode of thinking ... it seems to me to be far simpler, as well as far safer, to do one's configuring while logged in as a user (from a su-ed terminal session or a GUI tool that has been given root privileges, such as drakconf), so that one can easily and immediately test that configuration /as a user/. So it's not only a sounder practice, it's a quicker one as well. ;) > Do I do it often on my home box? .... no. But I do, do it. I can't do > any more damage that way than I can as a normal user and su/sudo. No, you can't do *more* damage, but you can do inadvertent damage *much* more easily; the GUI's whole function is to make things easier, and that applies to root blunders just as much as anything else. :) Also, since the X server itself is now running as root, you are somewhat more (needlessly) vulnerable to exploits originating from elsewhere. This becomes especially important if among the remaining configuration tasks is the locking down of the box. > I also do a lot of "repairs" to boxes. I often login directly as root so > that I can do repairs because I don't have a user on the box. I can understand that, but I don't see where the GUI needs to be involved. Drakconf will run just fine in a vtty, for example, as will programs like linuxconf (*ptui!* <g>), sndconfig, XFdrake, etc. etc.; many other common configuration and/or repair tools are CLI only, of course. How is running an X server as root (much less an entire DE) truly *necessary* here? And after all, it *is* just my $0.02USD. It's your machine. ;) -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "There are two kinds of people in the world, those who believe there are two kinds of people in the world and those who don't." - Robert Benchley
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
