Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 17 Sep 2014, 21:44
All times are UTC - 4
 Forum index » House Training » Beginners Help ( Start Here)
Why does Puppy run in root?
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 4 [48 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Author Message
SirDuncan


Joined: 09 Dec 2006
Posts: 836
Location: Ohio, USA

PostPosted: Wed 21 May 2008, 22:33    Post subject:  

Bruce B wrote:
nobody has mentioned passwords.

Not in this thread, but it has been mentioned in some of the others. I hadn't realized we were limited to 8 chars though.

_________________
Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath
Back to top
View user's profile Send private message Visit poster's website 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Thu 22 May 2008, 16:54    Post subject:  

oblivious wrote:
Quote:
Thus, if one remains vigilant to ensure that nothing has been compromised

Quote:
If someone doesn't keep an eye on the files their non-root user owns to make sure they are clean,

Quote:
so long as you're careful to check that it's non-compromised data (or clean it up if it isn't)
.
I am curious as to how these are actually done?

Aye, there's the rub. AV programs are one way. Another would be to make a list of md5sums for any important files that won't be changing often and then check them periodically. Monitoring your cpu, memory, and network usage is another good method. If you have a good idea what those numbers should look like, you can notice when they look wrong.

Also, I like to take a peek at my /var/log/messages file every now and then, especially if I'm running the sshd daemon (which Puppy does not include). If I leave sshd running long enough, I'll inevitably notice logs of brute-force attempts in my messages file. They don't succeed because they spend most of their time using random usernames instead of focusing on root. The chance that they'd ever hack my account seems abysmal, but given enough time they could happen to do it. So I only run sshd when I need it.

A Puppy-specific method would be to monitor the contents of pup_save.2fs (assuming you don't use Full-Install). Since that file only contains any new or changed data, only looking at it would filter out all the stuff that is almost certainly legit. If it contains files that you don't recall installing, they could be compromised. An easy way to check this file is to look in /initrd/pup_rw/ (but don't change anything inside that directory or you'll confuse Puppy).



My probably obscured point writing that post was that those things are just as necessary (or unnecessary) in other distros as in Puppy. To me, being that paranoid is mostly more work than it's worth. Some people think otherwise, and that's fine. But those who do should be consistent. It makes no sense to be paranoid when running as root but not when using a "limited" user, even without sudo (I didn't know sudo was so simple, as I've only used Puppy and Gentoo, and neither have it).

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
oblivious

Joined: 14 Apr 2007
Posts: 304
Location: Western Australia

PostPosted: Fri 23 May 2008, 00:48    Post subject:  

Thanks.
Quote:
Since that file only contains any new or changed data

New or changed since your last logon, or since the installation? If the former, are there 2 "tiers" in the pup save file - since installation and since last logon?
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11108
Location: The Peoples Republic of California

PostPosted: Fri 23 May 2008, 13:39    Post subject: Re: Why does Puppy run in root?  

Swarup wrote:
I've been using Ubuntu for a year now, and am thinking to slim down to something smaller and faster for my older laptop. Puppy is definitely one of my top choices, but I am wondering why it runs in root? Sounds sort of risky and unnecessary. Is there some benefit to doing it this way?


I'm tempted to post a new topic called, "Why won't Ubuntu let us have a real administrator account?"
    * Other distributions (most major ones) do!

Why?
    * Ubuntu wants to be the Microsoft Windows Vista of Linux?
    * Ubuntu doesn't trust you with your computer?
    * ???
Back to top
View user's profile Send private message 
jonyo

Joined: 28 Dec 2006
Posts: 2727

PostPosted: Fri 23 May 2008, 13:46    Post subject: Re: Why does Puppy run in root?  

Bruce B wrote:

    * Other distributions (most major ones) do!

Why?
    * Ubuntu wants to be the Microsoft Windows Vista of Linux?
    * Ubuntu doesn't trust you with your computer?
    * ???

Might have a read at distrowatch comments. Big time 'buntu hate bashing nonsense going on, led by none other than satan 666.. Shocked

A true linux aficionado ..I suppose

Along with the usual linux vs win, linux shoudn't be like win etc claptrap..

Us vs them, let the chatter begin.. Who needs soap operas when there is Distrowatch..lol

Ahhh.. success breeds hate mongers..no doubt..(just speaking ~ generally here..)

blah blah blah ..switch off..

At any rate, I'm interested in ""Why won't Ubuntu let us have a real administrator account?"

* Other distributions (most major ones) do!


Why? "
Back to top
View user's profile Send private message 
alienjeff


Joined: 08 Jul 2006
Posts: 2291
Location: Winsted, CT - USA

PostPosted: Fri 23 May 2008, 14:12    Post subject: Re: Why does Puppy run in root?  

jonyo wrote:
At any rate, I'm interested in ""Why won't Ubuntu let us have a real administrator account?"

* Other distributions (most major ones) do!

Why? "

I'll answer your question with a question:

Why are you asking that question on the Puppy Linux forum instead of the Ubuntu forum?

_________________
hangout: ##b0rked on irc.freenode.net
diversion: http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

Back to top
View user's profile Send private message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Fri 23 May 2008, 14:26    Post subject:  

SirDuncan wrote:
As an aside, is anyone else noticing the large amount of interest in the security of running as root?


I think there has been a general & sliding increase in posts about security since 9/11, - recently is only an accelerating phase brought about no doubt by the recent debian/ubuntu debacle

were you affected?

http://www.murga-linux.com/puppy/viewtopic.php?t=29159

As BruceB points out passwords aren't exactly secure, are they, given what they have published about the ssh keys

Aitch
Back to top
View user's profile Send private message 
jonyo

Joined: 28 Dec 2006
Posts: 2727

PostPosted: Sat 24 May 2008, 13:57    Post subject:  

248 • ref # 247 (by OC Smith on 2008-05-24 05:10:11 GMT from United States)
Quote:
sudo su -
plus your password lets you become root.
And besides staying in root for longer duration is suicide.

Also, and I'm not going to post it here, you can create a root password so effectively you can use root.

For normal usage why be root? Not needed and dangerous. That's what gets Windows user into a lot of trouble. The sad thing is they don't even know it!


250 • On using ROOT vs SUDO (by John Grub on 2008-05-24 05:16:33 GMT from United States)
Regarding Ubuntu and root. Have you read this:

https://help.ubuntu.com/community/RootSudo

It explains why its a bad idea to stay in root.
Back to top
View user's profile Send private message 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Tue 27 May 2008, 01:09    Post subject:  

oblivious wrote:
Thanks.
Quote:
Since that file only contains any new or changed data

New or changed since your last logon, or since the installation? If the former, are there 2 "tiers" in the pup save file - since installation and since last logon?

Since installation. Sorry, should have specified that.

Now, in the case of a non-full install on Flash media, you do have a second tier in ram that has all the changes from just during the session. Puppy will periodically copy those into the save file. In 4.01 Barry will be making the period configurable and (tentatively) setting the default to only copy change to pup_save.2fs during reboot.

With that, you could save settings once and make sure periodic saving is disabled. Then the next time you run it, if you don't do anything worth saving you can simply do a hard poweroff (assuming Barry doesn't add an option to reboot without saving) and not save any new data, but still get to load the old data. For just plain web-surfing this would mostly be fine since all you'd lose would be cookies and cache data.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
SirDuncan


Joined: 09 Dec 2006
Posts: 836
Location: Ohio, USA

PostPosted: Tue 27 May 2008, 21:51    Post subject:  

Bruce (and anyone else interested),
When I last gave Ubuntu a try, I was frustrated by the lack of root account. I prefer to do my administration as an administrator. I did some digging, and as it turns out, root logins are only disabled by default and can be re-enabled. I forget how I did it, but I found the instructions on the net somewhere. Google (or your search engine of preference) should find what you seek.

_________________
Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath
Back to top
View user's profile Send private message Visit poster's website 
Bruce B


Joined: 18 May 2005
Posts: 11108
Location: The Peoples Republic of California

PostPosted: Tue 27 May 2008, 23:27    Post subject:  

SirDuncan wrote:
Bruce (and anyone else interested),
When I last gave Ubuntu a try, I was frustrated by the lack of root account. I prefer to do my administration as an administrator. I did some digging, and as it turns out, root logins are only disabled by default and can be re-enabled. I forget how I did it, but I found the instructions on the net somewhere. Google (or your search engine of preference) should find what you seek.


Thanks a lot. I think the problem is when you last gave Ubuntu a try.

According to my wasted CD-ROM and communications and reading. Ubuntu worked as you described, then did more serious crippling.

Actually I felt bad because there were things I liked about it.

But the upside is Linux is not under the control of anyone and we don't have to live with one person's decision about the features we can or can't have. Especially in terms of control over out computers.
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11108
Location: The Peoples Republic of California

PostPosted: Tue 27 May 2008, 23:39    Post subject:  

Ubuntu's primary argument posted below

    In Linux (and Unix in general), there is a superuser named root. The Windows analog of root is Administrator. The superuser can do anything and everything, and thus doing daily work as the superuser can be dangerous. You could type a command incorrectly and destroy the system. Ideally, you run as a user that has only the privileges needed for the task at hand. In some cases, this is necessarily root, but most of the time it is a regular user.


My rebuttal to the argument posted below.

It's my computer, I'm in the best position to know if I need protection from myself.

If I really could type in a command incorrectly and destroy the system, I'll make sure not to type in that command again.

If the 'superuser' can do anything and everything, cool, way cool! Then I want to be the superuser. That is exactly what I want and how I want to operate my computer. With full permission I'm an adult and the computer is mine. Man over machine.
Back to top
View user's profile Send private message 
nipper


Joined: 22 Mar 2008
Posts: 150

PostPosted: Wed 28 May 2008, 08:25    Post subject:  

Bruce B wrote:
It's my computer, I'm in the best position to know if I need protection from myself.

If I really could type in a command incorrectly and destroy the system, I'll make sure not to type in that command again.

If the 'superuser' can do anything and everything, cool, way cool! Then I want to be the superuser. That is exactly what I want and how I want to operate my computer. With full permission I'm an adult and the computer is mine. Man over machine.


You make a good argument for this. As a "social" argument it is hard to argue with if one believes in freedom. However, the issue we are discussing here is a "technical" one. With any of the distros, if *you* load it you can make yourself root, you do have the password, you are the one who sets it. *You* get to use your system as you see fit if you are able to configure it thus. However, you may not want *someone else* who uses your computer to be able to type in a command incorrectly and destroy *your* system. I'm reminded of the poster, who's name I don't remember, relating how his ten year old kept messing up the system for everyone and then it had to be fixed by the poster, every time.

Don't misunderstand, I don't have a problem with Puppy running as root. I understand how useful and easy to use Puppy is because of that and applaud BarryK's crafting. I came here to get a copy because it's good. My opinion, its strength is as a single-user, workstation type of distro.
Back to top
View user's profile Send private message 
erikson


Joined: 27 Feb 2008
Posts: 735
Location: Ghent, Belgium

PostPosted: Wed 28 May 2008, 13:50    Post subject: Re: Why does Puppy run in root?  

Swarup wrote:
I am wondering why it runs in root? Sounds sort of risky and unnecessary. Is there some benefit to doing it this way?

Insofar I understand, Barry has conceived Puppy right from the outset as a single-user desktop operating system, for users who like to be "in the driver's seat".

No doubt this fundamental choice allowed him to avoid the convoluted complexities of dealing with subtle multi-user security issues (*), and instead to focus his efforts on the speed, functional substance and robustness that makes Puppy so great.

(*) Surely Redmond is dealing with these, and they have been shoveling multiple "security updates" onto my laptop up to a point that it has become too slow for me to do meaningful work under XP without frustration.

_________________
If it ain't broke, don't fix it. --- erikson
hp/compaq nx9030 (1.6GHz/480MB/37.2GB), ADSL, Linksys wireless router
http://www.desonville.net/
Puppy page: http://www.desonville.net/en/joere.puppy.htm

Back to top
View user's profile Send private message Visit poster's website 
gerry

Joined: 26 Jul 2007
Posts: 946
Location: England

PostPosted: Wed 28 May 2008, 14:07    Post subject:  

I think that messing up my Puppy by making a mistake when operating as root is a non-issue for those of us who use the live cd. The pup_save file is backed up, and it takes only a minute or two to delete the messed-up pup_save and copy the back-up to get everything back again.

I've never messed up the system accidentally- it's always due to some experiment or download that has not worked.

Gerry
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 2 of 4 [48 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » Beginners Help ( Start Here)
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.2167s ][ Queries: 11 (0.0103s) ][ GZIP on ]