Newbie question on permissions

William Stephens wstephens10 at cox.net
Sat Apr 1 20:34:13 UTC 2006 

On Sat, 2006-04-01 at 20:30 +0100, Daniel Carrera wrote:
> William Stephens wrote:
> > Ever since I switched over to Linux
> 
> Yay! \o/
> 
> > My question is if I run a few apps that are
> > run "as root" is that the same as being logged on as root or is only the
> > app that I am using at risk?
> 
> Only the apps. So, if you *must* run an app as root, it makes sense to 
> still login as a regular user and use root ony for that one app. That's 
> actually the point of "sudo". It "encourages" you to use root only when 
> you absolutely must.
> 
> I can only think of one instance when you need to use root and that's to 
> install/remove software (e.g. Synaptic).
> 
> > Also if I am logged on as root on a
> > terminal does that risk everything? Thanks for the help.
> 
> It's an unnecessary risk. How great the risk is depends on how you use 
> it. For example:
> 
> If you are alone at home, have no kids, and you never use that terminal, 
> then it's probably ok. The greatest risk is that you'll forget that you 
> are root and use the terminal to do something dangerous. Not a huge 
> risk, but still not a necessary one. For example, when I began using 
> Linux 8 years ago, I was in that situation (alone at home as root) and 
> one time I accidentally deleted my mouse device. I had to get a friend 
> to get my mouse working again.
> 
> If you are not alone (e.g. are at work, have kids or a cat) the risk 
> increases accordingly. A kid is more likely to break something out of 
> ignorance, and your cat might walk on the Enter key at the worst 
> possible time.
> 
> There's another consideration: How do you know which actions are safe 
> and which ones aren't? If you are root you'll never know the difference. 
> If you are a regular user, you will. This means that (1) you'll learn 
> about your system faster (knowledge is power) and (2) you'll be safe 
> over-all because you'll be warned about potentially dangerous actions.
> 
> For example, suppose someone tells you to run this really cool program 
> called Atomix that they found on the Ubuntu forums. You try to run it 
> and it says that you must run it as root. That should make you think 
> twice, so you ask here for opinions. Some people will tell you that it's 
> great, others that it's terrible. You might still decide to run it, but 
> you will have made an informed decision.
> 
> So, those are the reasons for not running as root. What are the benefits 
> of running as root? I can only think of one: when you install software 
> you won't have to type your password again. Are there any others? I 
> can't think of any.
> 
> So, you have to make a cost-benefit decision. Are the risks of running 
> as root worth the benefits? I think not.

I understand why sudo makes sense. I guess my concerns come from stuff I
have read on the internet that viruses and what not don't do a whole lot
of harm except to your home directories cause of permissions, I was just
wondering if the root terminal or apps as root could endanger system
files?

More information about the ubuntu-users mailing list