Re: dangerous to leave root logged in?
hans_schulze98_at_yahoo.de
Date: 03/28/05
- Next message: prg: "Re: dangerous to leave root logged in?"
- Previous message: hans_schulze98_at_yahoo.de: "Re: dangerous to leave root logged in?"
- In reply to: prg: "Re: dangerous to leave root logged in?"
- Next in thread: prg: "Re: dangerous to leave root logged in?"
- Reply: prg: "Re: dangerous to leave root logged in?"
- Reply: Keith Keller: "Re: dangerous to leave root logged in?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 28 Mar 2005 13:08:56 -0800
prg wrote:
> hans_schulze98@yahoo.de wrote:
> > Is it a problem to leave root logged in at all times?
>
> Yes. That is "Yes". And in case you did not get it, "YES".
>
> > ... Or to leave
> > root-admin tools (YaST, kuser, ...) running at all times? ...
>
> See above!
I appreciate if people tell me about specific problems with this setup
(as opposed to the commonly-asked question whether you should log in as
root
*and* use it for everyday activities).
> > ... This is done
> > on a different X Server than the ones used
> > for regular users, and noone has physical access to the machine
(but
> > internet is always on).
>
> Run _anything_ as root as little as possible, for as short a time as
> possible.
But maybe this is safer? No root passwd to type within normal user's
account.
> > In fact, is it dangerous to run an (extra) X-server for root
> > (additionally to the one for the
> > user)? E.g. SUSE prevents this; logging root into kdm only gives
> YaST,
> > not KDE.
>
> SuSe is trying to protect you from yourself ;-)
Not if permissions are "easy" or "normal".
> If you want convenience (laziness?), use Windows. What's the point
of
> subverting the security mechanisms built into *nix?
What? Under *nix, X always runs as root, no matter what you try. For
every user.
> Root priviledges are sometimes _necessary_ but should be (and usually
> are) dropped as quickly as possible by applications.
So what's the problem with an idle root-xterm? Where's the risk? It
just sits there.
> Applications that _run_ as root (eg., config tools) for their
duration
> are _not_, _not_, _absolutely_not_ to be left "hanging around" for
your
> convenience (ie., laziness). Invoke them, use them, then close them.
> Period.
Strong convictions like this require reasons.
- Next message: prg: "Re: dangerous to leave root logged in?"
- Previous message: hans_schulze98_at_yahoo.de: "Re: dangerous to leave root logged in?"
- In reply to: prg: "Re: dangerous to leave root logged in?"
- Next in thread: prg: "Re: dangerous to leave root logged in?"
- Reply: prg: "Re: dangerous to leave root logged in?"
- Reply: Keith Keller: "Re: dangerous to leave root logged in?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
