Now, when you make these statements, I really need to know how this can be
possible. Just making the statements, without any kind of explainations
does not improve my impression of Linux being a secure environment.
Give me an concrete example how someone can gain access to my computer
while I am logged in as root on the local console.
I would also like to see other people, who are more experienced than I am,
to comment on this.
Thank you.
Niclas
Steve Youngs wrote:
> * luciano <[EMAIL PROTECTED]> writes:
>
> > Everywhere i read about not using the root account all the time, but i
> > don't see where's the problem in doing it.
> > I use linux on 1 machine not conected to a lan, only with a dial
> > up connection to internet. My question is, it's really necesary for me
> > to have another account besides root (i'm the only one who uses linux
> > in this pc)?
>
> Yes...
>
> Because you have just told a large number of people that you have a
> dial-up connection to the internet and you only run as root. Any
> would-be cracker out there is now thinking..."hmm, he only runs as
> root... bet he hasn't set up a firewall or any other kind of
> security... next time he's on the net I'll see what's interesting on
> his box or what interesting things I can do from his box..."
>
> Yes...
>
> Because root doesn't have limitations and it's good to have limits,
> especially when you are new. As an example, rm -rf / will only give a
> permission denied error as a normal user, but it will delete _all_
> files on _all_ mounted read-write filesystems on you computer. Now,
> you might think that "oh well, I can just boot to windows". Guess
> what? If your windoze partitions are mounted when you rm -rf / as
> root, you have just lost windows as well as Linux.
>
> Yes...
>
> Because if you ever use IRC as root, at best you'll get laughed at.
> At worst you'll lose every file on your computer, because someone
> will just help themselves to your system.
>
> There's lots of other reasons but hopefully you get the picture. It's
> up to you to decide whether or not you will continue to use root all
> the time. If you do, the chances of you having to re-install
> everything because of a stupid mistake are incredibly high.
>
