that darned ROOT problem

Tony Arnold tony.arnold at manchester.ac.uk
Wed Sep 28 22:03:37 UTC 2005


On Wed, 2005-09-28 at 14:24 -0400, Bo Grimes wrote:
> Janne Jokitalo wrote:
> >Bo Grimes wrote:
> >>is a poor substitute for education about the purpose for and
> >>uses of root.
> >
> >Not solely so. Without root password, you at least get away with random
> >attacks that try common usernames with passwords like 'admin', 'password' or
> >the like. You get the picture.
> 
> So how does Ubuntu's way prevent that if this were the case?

One common form of attack is to brute force guess, or perform dictionary
password attacks on known user names such as root. With the sudo
approach, a hacker has to find the user name before even thinking about
such an attack, thus it is slightly more secure this way. The general
advice for good Windows administration is to change the name of the
Administrator account, for this reason (although there is an easy way to
find out which account is the administrator).

There is also some protection if a system is left logged in. Someone
coming to such a system cannot do anything as root unless that person
knows the user's password. Leaving a system logged in as root does not
afford this protection.

Not so applicable for the home user, but for larger systems where there
may be a need for several people to have root, or partial root access,
the sudo mechanism allows this and avoids having to circulate the root
password to too many people.

So I am fairly convinced the approach is the right one, giving a degree
of ease (i.e., no extra root password to worry about) and a certain
amount of extra security. I should point out that once a hacker has your
password, root or not, the game is pretty much over as installing root
kits etc., is not that difficult.

And as has been said before, if you are not comfortable with sudo and
really want a root account, there is nothing to stop you setting a
password for root.

> The fact here is that Ubuntu is changing it from the standard practice 
> for Linux distros, and I have 6 years and dozens of distros of experience.

Interesting you should use the term 'standard'. I didn't think there
were any standards in Linux:-) All distros are packaged differently;
come with different sets of packages; have different package management
regimes etc. Surely it is a mistake to expect one package to behave
exactly like another!

The real problem is that experienced users are expecting a root account
and are surprised when they never get prompted for the root password
during the install. I agree there should be a clear warning during the
install stage, but I suspect many experienced users will just skip past
that. I know I would! I don't know what the answer is, but I would like
to avoid the Windows situation where 90% of users run by default with
administrator privilege!

Regards,
Tony.
-- 
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold
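The brute-force point made above, as an added example that is not code from the post or from Ubuntu itself: a POSIX shell script that tallies failed SSH password attempts per username from constructed sshd log lines, then checks each targeted name against constructed /etc/shadow entries in which root is locked with `!` (the state a sudo-only install leaves the root entry in). The log lines, the shadow entries and the user name `tony` are all made up for the example; the hash field is a placeholder, not a real hash. The output shows which of the names an attacker actually guessed could ever yield a login: root and the generic names go nowhere, so the attacker first has to discover the real user name.

```shell
#!/bin/sh
# Constructed sshd lines in the format found in /var/log/auth.log (sample data, not real).
SAMPLE_AUTH_LOG='Sep 28 21:50:01 box sshd[1201]: Failed password for root from 203.0.113.7 port 51022 ssh2
Sep 28 21:50:03 box sshd[1203]: Failed password for root from 203.0.113.7 port 51030 ssh2
Sep 28 21:50:05 box sshd[1205]: Failed password for invalid user admin from 203.0.113.7 port 51041 ssh2
Sep 28 21:50:07 box sshd[1207]: Failed password for invalid user oracle from 203.0.113.7 port 51055 ssh2
Sep 28 21:50:09 box sshd[1209]: Failed password for tony from 198.51.100.9 port 40012 ssh2
Sep 28 21:51:00 box sshd[1211]: Accepted publickey for tony from 198.51.100.9 port 40020 ssh2'

# Constructed /etc/shadow-style entries: root locked with "!", a real user with a
# (placeholder) hash, and a system account locked with "*".
SAMPLE_SHADOW='root:!:13000:0:99999:7:::
tony:$6$saltsalt$fakehashfakehash:13000:0:99999:7:::
daemon:*:13000:0:99999:7:::'

# failed_by_user: print "count user" for every name that saw a failed password,
# most-targeted first. Handles both the "for root" and "for invalid user admin" forms.
failed_by_user() {
    printf '%s\n' "$SAMPLE_AUTH_LOG" |
      sed -n 's/.*Failed password for \(invalid user \)\{0,1\}\([^ ]*\) from.*/\2/p' |
      sort | uniq -c | sort -rn | awk '{print $1, $2}'
}

# account_state USER: "locked" when the password field is "!" or "*" (no guess can
# ever match), "active" when it holds a hash, "absent" when there is no such account.
account_state() {
    field=$(printf '%s\n' "$SAMPLE_SHADOW" | awk -F: -v u="$1" '$1==u {print $2}')
    case "$field" in
        '')        echo absent ;;
        '!'*|'*'*) echo locked ;;
        *)         echo active ;;
    esac
}

# attack_surface: "user count state" for each name the attacker tried.
attack_surface() {
    failed_by_user | while read -r count user; do
        printf '%s %s %s\n' "$user" "$count" "$(account_state "$user")"
    done
}

# exposed_accounts: only the guessed names that have a password a guess could match.
exposed_accounts() {
    attack_surface | awk '$3=="active" {print $1}'
}

attack_surface
echo "accounts where password guessing could succeed:"
exposed_accounts
```

On a real machine, replace the two samples with `grep sshd /var/log/auth.log` and the contents of /etc/shadow (readable only by root, so via sudo); locking root with `passwd -l root` is what puts the `!` in front of the field, and `sudo passwd root` is the reverse step the post mentions for those who want a root password after all.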