Sometimes I want to protect myself from myself! Running as non-root means that if I go doing something slightly more important, I am reminded by denial of permissions that it is more important.
Typing sudo doesn't irritate me that much.
I'm reminded of the cartoon that seems to be destined to the same fame as the one with one dog to another, as they look at a computer, "on the Internet, no one knows you are a dog."
The more recent classic is this conversation:
"Make me a sandwich!"
"No way, get it yourself!"
"Sudo make me a sandwich."
"Oh, ok!"
So, I don't mind running as root or not.
Why does Puppy run in root?
-
Bruce B
Re: Root, rot, rut
It is not just permissions.
Application, even X crashes are a serious factor.
Sudo for this, user for that. Learn when sudo and when user, learn what sudo can do -- remember in these restricted systems sudo cannot do everything user can do and visa-versa.
Don't believe me. Try it. Crash and learn. Maybe the distro geniuses do not want to allow you to run X apps as root, maybe they'd prefer CRASH over giving you an advisory.
From my perspective some of this discussion is not root vs. user. It has to do also with crippling root.
Unix to my knowledge has no history of doing such things. Linux doesn't either. It has to do with Linux newbie developers on the block.
Do we want to attract Windows users? Are they stupid? Are we trying to appeal to skilled Linux users? Ignorant ones?
Let's all get together and make a truly user proof Linux. He can't remove or install anything, he can't make changes. He can only run the programs WE DECIDE he can run, no more or no less.
We can make Linux like Vista - genuine advantages, user access controls, layers of DMA, secrets and more secrets.
In the meantime, the more honest feedback these newbies on the block have to deal with, the better IMO.
Guess what folks? Although I have no experience in Operating System designs - I can improve UNIX!!!
No joke! I'll simply cripple administrator functionality. I will explain this madness in one paragraph on the Internet. Then all who follow can have crippled administrator functionality - I am so, so wise and smart.
I protect people from themselves. My next plan is to have you play solitaire with real cards that have no sharp edges so you won't get a paper cut on your finger.
Application, even X crashes are a serious factor.
Sudo for this, user for that. Learn when sudo and when user, learn what sudo can do -- remember in these restricted systems sudo cannot do everything user can do and visa-versa.
Don't believe me. Try it. Crash and learn. Maybe the distro geniuses do not want to allow you to run X apps as root, maybe they'd prefer CRASH over giving you an advisory.
From my perspective some of this discussion is not root vs. user. It has to do also with crippling root.
Unix to my knowledge has no history of doing such things. Linux doesn't either. It has to do with Linux newbie developers on the block.
Do we want to attract Windows users? Are they stupid? Are we trying to appeal to skilled Linux users? Ignorant ones?
Let's all get together and make a truly user proof Linux. He can't remove or install anything, he can't make changes. He can only run the programs WE DECIDE he can run, no more or no less.
We can make Linux like Vista - genuine advantages, user access controls, layers of DMA, secrets and more secrets.
In the meantime, the more honest feedback these newbies on the block have to deal with, the better IMO.
Guess what folks? Although I have no experience in Operating System designs - I can improve UNIX!!!
No joke! I'll simply cripple administrator functionality. I will explain this madness in one paragraph on the Internet. Then all who follow can have crippled administrator functionality - I am so, so wise and smart.
I protect people from themselves. My next plan is to have you play solitaire with real cards that have no sharp edges so you won't get a paper cut on your finger.
-
Bruce B
Of course I wouldn't want anything that would damage the cards. Maybe I could start the book off with instructions how how to protect your ninety-nine cent deck of cards from inadvertent damage, which may be more money than you paid for Linux.Flash wrote:And how about a book called "How to Cheat at Solitaire, for Dummies." :lol:
-
37fleetwood
- Posts: 403
- Joined: Fri 10 Aug 2007, 03:25
OK, don't ask me how I found myself reading this thread, I was looking for something completely else, but while I'm here I thought I'd say something completely un-useful. well maybe not completely.
first I would like to tell new Linux users that I first downloaded Puppy about two years ago and knew next to nothing about Linux. I booted and played without even seting up the firewall. never used anti-virus software, went all over the web. never once did I have any renegade software, no malicious websites, no accidental mishaps in the terminal (never even used it
) and now I'm finding that I was supposed to be afraid all this time! (I have a suspicion which I'll expound later) I've used the live cd, and when I figured it out, I made multisession cd's I tried bunches of Puplets (different types of Puppy) installed lots of software packages I saved sessions to my hard drive, I've even installed Puppy and used it as my main operating system for several months. don't get me wrong, I've messed it up myself a few times, but I've never lost my personal data. (serious advice, keep personal data (music, photos, video, documents, etc. etc.) on a separate partition if not hard drive no matter which operating system you use). someone mentioned that if there were a real problem, there would be more testimonials. go to the Ubuntu forums and see just how many posts there are from people saying "Die, Die!!!, and they'll never be back. search here for "Die, Die!!!" and you aren't likely to find much (though this post might show up )
second, I have a suspicion, who is it that is making all the fuss? are they really concerned, or is there a more sinister agenda here? I mean really, where is it coming from? who doesn't want this distro to keep growing? I don't know but I suspect that this is what it really is. maybe the same couple of guys posting all over the place, exposing what they think they can convince people is a weakness. doesn't really matter if it is a weakness, it surely has turned at least some people off of Puppy.
let me know what you think
and for new people thinking of trying Puppy go for it, and don't worry I'm still using it not really knowing anything about security.
Scott
first I would like to tell new Linux users that I first downloaded Puppy about two years ago and knew next to nothing about Linux. I booted and played without even seting up the firewall. never used anti-virus software, went all over the web. never once did I have any renegade software, no malicious websites, no accidental mishaps in the terminal (never even used it
) and now I'm finding that I was supposed to be afraid all this time! (I have a suspicion which I'll expound later) I've used the live cd, and when I figured it out, I made multisession cd's I tried bunches of Puplets (different types of Puppy) installed lots of software packages I saved sessions to my hard drive, I've even installed Puppy and used it as my main operating system for several months. don't get me wrong, I've messed it up myself a few times, but I've never lost my personal data. (serious advice, keep personal data (music, photos, video, documents, etc. etc.) on a separate partition if not hard drive no matter which operating system you use). someone mentioned that if there were a real problem, there would be more testimonials. go to the Ubuntu forums and see just how many posts there are from people saying "Die, Die!!!, and they'll never be back. search here for "Die, Die!!!" and you aren't likely to find much (though this post might show up )second, I have a suspicion, who is it that is making all the fuss? are they really concerned, or is there a more sinister agenda here? I mean really, where is it coming from? who doesn't want this distro to keep growing? I don't know but I suspect that this is what it really is. maybe the same couple of guys posting all over the place, exposing what they think they can convince people is a weakness. doesn't really matter if it is a weakness, it surely has turned at least some people off of Puppy.
let me know what you think
and for new people thinking of trying Puppy go for it, and don't worry I'm still using it not really knowing anything about security.
Scott
[color=darkblue][b]Thanks!
Scott 8) [/b][/color]
[color=darkblue][size=150]I'm a PC... Without Windows[/size][/color]
Scott 8) [/b][/color]
[color=darkblue][size=150]I'm a PC... Without Windows[/size][/color]
OK, I'm the paranoid guy around here - it was my nagging that got Barry to allow encrypted pupsaves, etc.
And yet, I still don't see the need to run as other than root - in a desktop/laptop/workstation!
OK, it makes some sense when you are a system admin and 100 users depend on you not screwing up. Any added layer of "be careful" might save your job.
But I don't know how many explanations I've read about people having to hack into a user name and user password and finally root password to get su or sudo access as being more secure than just a root password - nonsense! If you want security, cook yourself up a good root password. There is no example of username/password//rootpassword so secure that it cannot be trumped by simply adding more security in a root password by itself.
BTW, are passwords really only limited to 8 characters? Mine has more - are the last characters ignored? If we have an 8-character limit, then THAT is the big security hole in Puppy, not the fact that we run as root.
It might make sense for Puppy to require a root password as default though, rather than having root the password completely turned off. Then if people insist on no password for root they can always do that, but the default condition is more secure.
But maybe I'm just being more paranoid than I need to be. It's happened before.
I have noticed that in reviews of Puppy, the big thing that people rag on is running as root. Oh, well. Can't please everyone...
And yet, I still don't see the need to run as other than root - in a desktop/laptop/workstation!
OK, it makes some sense when you are a system admin and 100 users depend on you not screwing up. Any added layer of "be careful" might save your job.
But I don't know how many explanations I've read about people having to hack into a user name and user password and finally root password to get su or sudo access as being more secure than just a root password - nonsense! If you want security, cook yourself up a good root password. There is no example of username/password//rootpassword so secure that it cannot be trumped by simply adding more security in a root password by itself.
BTW, are passwords really only limited to 8 characters? Mine has more - are the last characters ignored? If we have an 8-character limit, then THAT is the big security hole in Puppy, not the fact that we run as root.
It might make sense for Puppy to require a root password as default though, rather than having root the password completely turned off. Then if people insist on no password for root they can always do that, but the default condition is more secure.
But maybe I'm just being more paranoid than I need to be. It's happened before.
I have noticed that in reviews of Puppy, the big thing that people rag on is running as root. Oh, well. Can't please everyone...
-
Bruce B
I suppose the biggest real enterprise players are RedHat, Suse, Fedora and Centos. In terms of the big four, I think that's accurate.PaulBx1 wrote: OK, it makes some sense when you are a system admin and 100 users depend on you not screwing up. Any added layer of "be careful" might save your job.
What I know is accurate is; they have traditional root accounts.
Suppose we want to do one thing and one thing only. We want to perform daily backups at 2:00 AM.
Are we actually going to pay a person to type in commands to do this, at that hour?
Can Ubuntu sudo run all by its lonesome and make this daily backup?
If so, where is the extra safety? A computer doing things at root access level and not a human being around to tell it to start, continue or stop?
If it can't do things at high permission levels; meaning start, continue and stop, when no human is around, where is the enterprise value?
BTW: I don't know the answer to the two questions I just posed. I'd be curious enough to know.
-
37fleetwood
- Posts: 403
- Joined: Fri 10 Aug 2007, 03:25
I have to say I think the encrypted pupsave is really necessary especially if you are using a laptop. with this cool option, if you loose your computer somehow, it is gone but at least you don't have to worry about some weirdo writing crazy e-mails to your mom, or worse if you have an address book stored, calling friends or family, or really worse, showing up at someone's house! I've been meaning to set up a laptop with encryption for my Photography business and the more secure the better. my plan is encrypted pupsave, and truecrypt encrypted volume with all other documents etc. I've even been considering using bcrypt to encrypt the swap though the threat from someone finding or having stolen your laptop actually getting something useful from your swap is slim. running in root doesn't bother me at all.
Scott
Scott
[color=darkblue][b]Thanks!
Scott 8) [/b][/color]
[color=darkblue][size=150]I'm a PC... Without Windows[/size][/color]
Scott 8) [/b][/color]
[color=darkblue][size=150]I'm a PC... Without Windows[/size][/color]