Running as root ( was Re: Change Permissions (snip)..Problem Solved )

Jeffrey F. Bloss jbloss at tampabay.rr.com
Wed Jan 10 02:50:04 UTC 2007 

User Iam wrote:

> On 1/9/07, Peter Garrett <peter.garrett at optusnet.com.au> wrote:
> >
> > On Tue, 09 Jan 2007 02:47:57 -0600
> > mtyoung <tuxman at knology.net> wrote:
> >
> > > I really don't understand why so many people think that logging
> > > in as
> > root when needed is such a bad thing, although I can certainly see
> > a better way to accomplish what I needed to do.  See my other post
> > "Vote for new Ubuntu Feature---Let's try it again".
> 
> It is not a bad thing....

It's a bad practice. If nothing unexpected happens it's neither a good
nor bad "thing", but logging in as root increases the chances that bad
things can happen considerably. If there's no pressing reason to do so,
plain vanilla common sense dictates it's something you should avoid.

> 
> I have been doing it for the past 15 years...

I've been driving a car for a lot longer than that and haven't been
killed in an auto accident either. The only thing that means is
statistically I'm more due for a flaming exit than I was 30-some odd
years ago. 

> 
> su to root when you have things to do..

No. Use sudo or it's *sudo graphical cousins when you have "things to
do". Su to root only when there's no other way. Those scenarios do
exist, but they're so few and far between I'd wager the average user
will never be in one.

> 
> I never log into a root gui...
> 
> Only use root at the CLI..

For some people I'd wager this is even worse than logging into a full
blown GUI as root. Especially converts who might be use to doing things
100% graphically. It's the difference between handing someone a gun
they're familiar and practiced with, and one they're not. They're far
more likely to come away with self inflicted holes while flailing about
in unknown waters with a loaded weapon.

> And yes, root is a name that hackers can attempt to exploit..
> That is what good passwords are for...

A password that does not exist is *impossible* to crack. I use
exceptionally long "random pronounceable" phrases strategically salted
with numbers and symbols everywhere possible. My pass phrases are quite
literally stronger than the underlying encryption they guard in some
cases.

It's still not as secure as simply locking or never enabling the root
password in the first place... 

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
    grok!              Registered Linux user #402208
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070109/2b8f9f8c/attachment.sig>

More information about the ubuntu-users mailing list