Re: dangerous to leave root logged in?
From: Julia Thorne (rimbaldi_at_nospam.tld)
Date: 03/30/05
- Next message: Julia Thorne: "Re: dangerous to leave root logged in?"
- Previous message: Unruh: "Re: How can user mlh delete files that belong to root?"
- In reply to: Keith Keller: "Re: dangerous to leave root logged in?"
- Next in thread: Rincewind: "Re: dangerous to leave root logged in?"
- Reply: Rincewind: "Re: dangerous to leave root logged in?"
- Reply: Unruh: "Re: dangerous to leave root logged in?"
- Reply: Keith Keller: "Re: dangerous to leave root logged in?"
- Reply: prg: "Re: dangerous to leave root logged in?"
Date: Tue, 29 Mar 2005 23:17:53 GMT
On Mon, 28 Mar 2005 15:28:43 -0800, Keith Keller wrote:
> The basis of the advice is to minimize the chance that, intentionally
> or by accident, a dangerous command can be used by root. If all of
> your root-authorized users are perfect all of the time, then there's
> probably no problem with leaving a root shell available at all times.

Oh come on. You guys are getting desperate now. You can't provide
a concrete, *technical* answer to his question, he won't accept
your religious *nix dogma, and you're grasping at straws now.

Hmm. Users will make mistakes if they use a root shell that's
already open, but they won't make those mistakes if they have to
log in first. No, sorry... it just doesn't make sense.

Keeping root logged OUT most of the time seems like safe conservative
advice, since it probably won't do any harm. But if there's a
*technical* risk (not a personnel risk) in having a root shell open
from one console, while another user is logged into another console,
what IS it, exactly? If the root shell is a security hole when it's
been open for an hour, isn't it a security hole during the 30 seconds
that you'd have it open? If somebody on the LAN knows of a security
vulnerability of open root logins, won't he have a script or program
that watches for that root login and exploits it the instant that
it appears?

So... what IS that vulnerability? I wouldn't be surprised to hear
that there is one (I'd be surprised if there isn't), but what IS
that vulnerability? This question comes up frequently, and nobody
ever has an informed, useful answer- just insults for the questioner,
and advice like "If you weren't stupid, you'd use <insert name of
software here>", "You post to Usenet with a Windoze program, so
you shouldn't be allowed to ask questions about Linux!"... as if
people should post to Usenet using the company SERVER, instead of
their desktop machine.

***

Most of the opinions preached here, regarding how things should
be done, seem to be based on corporate experience in situations
where anybody and his dog could wander in & out of the machine
room unwatched and unsupervised. Those experiences don't prove
that root access is bad; they prove that you should have locked
the door to your office. Or that the boss should stop giving
group tours of the IT department to all visitors. ;-)

I can't believe how many of you suggest remote "secure" login as
a solution to the problem. How could anybody possibly believe
that remote root login is safer than console-only root login??

Maybe my viewpoint on "secure remote access" is different because:

A: I don't use a Linux GUI.
B: I don't work in a corporate IT environment, "helped" by the
   half-trained chimpanzees that serve as IT employees nowadays.
C: I run Web/Mail/FTP servers, where those chimpanzees (when
   they go home for the night) spend all their time banging on
   my Web server with bananas, trying to hack in.

Wait... I wandered off the thread topic... Oh, yeah: what is the
danger of an open root shell login being exploited by another
user on the network?