Hello. I am no security expert, read the following with that in mind.
On Fri 2002-12-27 at 16:56:32 +0000, Anne Wilson wrote:
> On Friday 27 Dec 2002 3:16 pm, David Williams wrote:
> > On Friday 27 December 2002 08:56 am, Anne Wilson wrote:
> > > Although I practically never log in as root, there are many things that
> > > require root privileges, so opening File Manager (Super User Mode) or a
> > > root console is a common task.
> > >
> > > Why is this not as dangerous?

I am not sure if I understand your question correctly. If your question is why it is safer to run the application in question that way: it isn't. The point is to run *only* that application as root, which is safer than running everything as root. Although it is not a big safety win, why would you expose yourself unnecessarily?

> > > Should we be closing those sessions as soon as possible?

Yes. But not because it is unsafe per se to have this session running, but only to be sure to not forget to close it. Leaving your computer alone with an open root session is not a good idea.

> > > What safeguards are there?

"sudo" is a nice way to make root access safer and its use is quite standard in Linux production environments. It allows you to execute a single command as root like this:

    sudo -H urpmi mozilla

and gives up the root privilege afterwards, at once. It uses a config file (/etc/sudoers) to determine who may execute which commands as root (yes, that means you may allow your roommate to only restart the webserver). It requires you to authenticate with your (user) password (can be overridden), but only if you did not use it for some minutes (can be overridden, too).

The advantage is that you don't have to remember to close anything in order to lose root privileges after you are done with the task.

For home use, setting up sudo and getting used to it is probably not worthwhile. OTOH, once you know sudo, it is a matter of less than a minute to have a basic setup running.

> > To add to that question (and mostly for my clarification), -- Is
> > opening a console as superuser and installing something the same
> > as logging out as a user and logging in as root?

Basically, yes. At least, if you login as root on the text console. If you have a graphic login, you will end up running everything as root, including KDE/GNOME, the file managers, the panels. Everything. And most of these applications were not designed with safe-as-root in mind. Although, in reality, there is not much that will go wrong this way, you should restrict such a session to the task at hand. And not read mail, surf the web and so on.

But, for a comparison, doing so is still safer than downloading a program from untrusted sources (yes, that means almost any website) and using root (either way) to install it. The risk of being harmed by a malicious program is much higher than something going wrong with your root session.

There are two things to keep in mind: Security comes in layers. You do not want to have a single point of failure. Therefore you try to minimize your exposure in every layer. That's why you want to keep your actions as root to the necessary only: Not because it has any immediate risk, but because it lowers the possibility that another hole can be escalated this way. Therefore you stop unused services. Therefore you do not want to run more applications as root than needed.

Second, there is no perfect security and how much you invest in security depends on how paranoid you are and what you have to lose. And, of course, how inconvenient the security measure would be. You don't keep your watch in a safe, except perhaps, if it is a Rolex. ;) OTOH, you lock your doors when you go out, and you do not have valuable jewelry lying around openly, do you?

HTH,

Benjamin.

PS: Ah, and because it cannot be said often enough: Most important is that you keep your computer up-to-date with security fixes, of course. Especially for programs that handle untrusted input (any internet-related program, compilers, ...)
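A sudoers fragment for the setup the message describes, added here as an example and not part of the original e-mail. The user names `anne` and `roommate` and the paths `/etc/init.d/httpd` and `/usr/sbin/urpmi` are assumptions; adjust them to the system at hand.

```sudoers
# /etc/sudoers (edit with visudo, which syntax-checks the file before saving)
# Constructed example: user names and command paths are assumptions.

# Ask for the invoking user's own password again after 5 idle minutes.
Defaults        timestamp_timeout=5

# For the restricted account, ask every single time (0 = never cache).
Defaults:roommate timestamp_timeout=0

# Name the one action the roommate may perform. The argument is part of
# the rule, so "httpd stop" or any other script is refused.
Cmnd_Alias      WEBSERVER = /etc/init.d/httpd restart

# Too broad: this line would hand the roommate full root.
#roommate       ALL = (ALL) ALL

# Restricted: only the web server restart, run as root.
roommate        ALL = (root) WEBSERVER

# The "sudo -H urpmi mozilla" case from the message. A package manager
# can install arbitrary software as root, so treat this grant as
# equivalent to full root and give it only to the machine's admin.
anne            ALL = (root) /usr/sbin/urpmi

# Overriding the password prompt, as the message mentions, is done with
# the NOPASSWD tag. Left commented out: it removes the re-authentication
# check for that command.
#roommate       ALL = (root) NOPASSWD: WEBSERVER
```

Always use full paths in command rules, and run `sudo -l` as each user afterwards to confirm what they are actually allowed to execute.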