Hello.

I am no security expert, read the following with that in mind.

On Fri 2002-12-27 at 16:56:32 +0000, Anne Wilson wrote:
> On Friday 27 Dec 2002 3:16 pm, David Williams wrote:
> > On Friday 27 December 2002 08:56 am, Anne Wilson wrote:
> > > Although I practically never log in as root, there are many things that
> > > require root privileges, so opening File Manager (Super User Mode) or a
> > > root console is a common task.
> > >
> > > Why is this not as dangerous? 

I am not sure if I understand your question correctly. If your
question is why it is safer to run the application in question that
way: it isn't. The point is to run *only* that application as root,
which is safer than running everything as root. Although it is not a
big safety win, why would you expose yourself unnecessarily?

> > > Should we be closing those sessions as soon as possible?

Yes. But not because it is unsafe per se to have this session running,
but only to be sure to not forget to close it. Leaving your computer
alone with an open root session is not a good idea. 

> > >  What safeguards are there?

"sudo" is a nice way to make root access safer and its use is quite
standard in Linux production environments. It allows you to execute a
single command as root like this:

  sudo -H urpmi mozilla

and gives up the root privilege afterwards, at once.  It uses a config
file (/etc/sudoers) to determine who may execute which commands as
root (yes, that means you may allow your roommate to only restart the
webserver). It requires you to authenticate with your (user) password
(can be overridden), but only if you did not use it for some minutes (can
be overridden, too). The advantage is that you don't have to remember
to close anything in order to lose root privileges after you are done
with the task.

For home use, setting up sudo and getting used to it is probably not
worthwhile. OTOH, once you know sudo, it is a matter of less than a
minute to have a basic setup running.

> > To add to that question (and mostly for my clarification), -- Is
> > opening a console as superuser and installing something the same
> > as logging out as a user and logging in as root?

Basically, yes. At least, if you login as root on the text console.

If you have a graphic login, you will end up running everything as
root, including KDE/GNOME, the file managers, the panels. Everything.
And most of these applications were not designed with safe-as-root in
mind. Although, in reality, there is not much that will go wrong
this way, you should restrict such a session to the task at hand. And
not read mail, surf the web and so on.

But, for a comparison, doing so is still safer than downloading a
program from untrusted sources (yes, that means almost any website)
and using root (either way) to install it. The risk of being harmed by
a malicious program is much higher than something going wrong with
your root session.


There are two things to keep in mind: Security comes in layers. You do
not want to have a single point of failure. Therefore you try to
minimize your exposure in every layer. That's why you want to keep
your actions as root to the necessary only: Not because it has any
immediate risk, but because it lowers the possibility that another
hole can be escalated this way. Therefore you stop unused services.
Therefore you do not want to run more applications as root than needed.

Second, there is no perfect security and how much you invest in
security depends on how paranoid you are and what you have to lose.
And, of course, how inconvenient the security measure would be.  You
don't keep your watch in a safe, except perhaps, if it is a Rolex. ;)
OTOH, you lock your doors when you go out, and you do not have
valuable jewelry lying around openly, do you?


HTH,

        Benjamin.


PS: Ah, and because it cannot be said often enough: Most important is
    that you keep your computer up-to-date with security fixes, of
    course. Especially for programs that handle untrusted input (any
    internet-related program, compilers, ...)

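An added example, not part of the original message: a sudoers fragment for the setup the message describes, where one user may install packages and a roommate may only restart the webserver. The account names, the command paths (/sbin/service, /usr/sbin/urpmi, /usr/sbin/urpme) and the timeout values are assumptions for illustration.

```sudoers
# Constructed example for /etc/sudoers. Always edit with "visudo", which
# checks the syntax before saving so a typo cannot leave sudo unusable.

# Hypothetical accounts: "anne" administers the machine, "roommate" gets
# exactly one task.
User_Alias  ADMINS = anne

# Commands are given with full paths. When arguments are listed they must
# match as well, so this permits "restart" and nothing else (not "stop",
# not another service).
Cmnd_Alias  WEB_RESTART = /sbin/service httpd restart

# Package management. Installing a package runs its install scripts as
# root, so this grant is close to full root: give it only to accounts
# you would trust with the root password.
Cmnd_Alias  PKG = /usr/sbin/urpmi, /usr/sbin/urpme

# Ask for the user's own password again after 5 minutes without sudo use.
Defaults           timestamp_timeout=5
# For roommate, ask every time.
Defaults:roommate  timestamp_timeout=0

# who     where = (run as)  what
ADMINS    ALL   = (root)    PKG
roommate  ALL   = (root)    WEB_RESTART

# The password prompt can be switched off per rule with NOPASSWD:, e.g.
#   roommate ALL = (root) NOPASSWD: WEB_RESTART
# Left disabled here: with it, anyone at roommate's unlocked session can
# run the command without proving who they are.
```

Running `sudo -l` as each user lists exactly what that account is allowed to execute, and `visudo -c` re-checks the file's syntax after a change.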