Re: dangerous to leave root logged in?

• Previous message: Unruh: "Re: dangerous to leave root logged in?"
• In reply to: Unruh: "Re: dangerous to leave root logged in?"
• Next in thread: Alvaro G. M.: "Re: dangerous to leave root logged in?"
• Reply: Alvaro G. M.: "Re: dangerous to leave root logged in?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 28 Mar 2005 13:41:11 -0800

Unruh wrote:
> Anything running gives more room for bugs which could allow root
> comprimize. Especially something as complex as X.

Yes, I understand that.

> >In fact, is it dangerous to run an (extra) X-server for root
> >(additionally to the one for the
> >user)? E.g. SUSE prevents this; logging root into kdm only gives
YaST,
> >not KDE.
>
> Why would you want to? This is supposed to be on a remote machine
with no
> physical access.

I like my root stuff with only physical access and no remote access.

> Maybe you should tell us the problem you are trying to solve and we
could
> suggest solutions, rather than telling us your solution to an unknown
> problem and asking for comments.

Right... There's one linux box on my desk here. And one monitor.
Whoever uses it sits in front of it. There's a different X server for
each user, so they don't disturb each other. Naturally, none of them is
supposed to disturb root or vice versa. Hence root's stuff runs on an X
server of its own. More precisely, an X server run with a dummy account
whose sole purpose it is to su into root or to run root stuff. And my
question is whether it is safe to leave that dummy X with root stuff
running all the time.

• Previous message: Unruh: "Re: dangerous to leave root logged in?"
• In reply to: Unruh: "Re: dangerous to leave root logged in?"
• Next in thread: Alvaro G. M.: "Re: dangerous to leave root logged in?"
• Reply: Alvaro G. M.: "Re: dangerous to leave root logged in?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]