Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 02 Sep 2014, 23:19
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Suggestions
Root v multiuser
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 3 [41 Posts]   Goto page: 1, 2, 3 Next

Root or Multiuser?
Root
53%
 53%  [ 8 ]
Multiuser
33%
 33%  [ 5 ]
Other (please state)
13%
 13%  [ 2 ]
Total Votes : 15

Author Message
darrelljon


Joined: 08 Apr 2007
Posts: 548

PostPosted: Thu 22 May 2008, 17:36    Post subject:  Root v multiuser  

Root or multiuser or other? How would you like Puppy Linux? Poll to gauge opinion during May 2008.
Back to top
View user's profile Send private message Visit poster's website 
SirDuncan


Joined: 09 Dec 2006
Posts: 836
Location: Ohio, USA

PostPosted: Thu 22 May 2008, 18:20    Post subject:  

I would like it if Puppy were could be multi-user, but not the type we normally see in other distros.

We cannot have sudo. We can have su, in fact we should, but not sudo as it defeats the minor amount of security multi-user gives you.

Puppy can continue to be a root distro, just make adduser work so that people who want to may have other users. This gives the small benefit to security that so many have been griping about and lets the rest continue the way they always have. It shouldn't create any significant overhead, either.

Of course, I'll be just as happy if we stay root only, but multi-user would be nice.

_________________
Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath
Back to top
View user's profile Send private message Visit poster's website 
cthisbear

Joined: 29 Jan 2006
Posts: 3404
Location: Sydney Australia

PostPosted: Thu 22 May 2008, 18:27    Post subject:  

I like it simple, I like to get to the screen the first time.

::::::::::::::::::::::
All those wanting security....try Ubuntu or Debian...that worked.

http://www.technologyreview.com/Infotech/20801/?nlid=1085

Security....dream on.

From the same people that have a Myspace page.

http://www.wired.com/politics/security/news/2008/01/myspace

From those who have wireless internet and have never
put in a password in the router.

http://idahofallz.com/2007/03/27/your-unsecured-wireless-internet-is-the-dangerous-weak-link/

:::::::::::::::::::::::::
From those who continually enter contests online
or in shoppng centres...giving away all their details.

And how many government agencies have lost laptops, and USBs
that we know of....let alone the paperwork left by banks,
hospitals in garbage bins.

http://www.smh.com.au/news/national/private-files-put-on-street-for-all-to-read/2008/05/05/1209839554244.html

""""""""""""""""""'''''
No! Leave Puppy alone.
Those that want more can make their own Puplet.
Vista is irritating customers....so they just turn off UAC.

Chris.
Back to top
View user's profile Send private message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Thu 22 May 2008, 19:21    Post subject:  

If puppy is to be changed to multi users, I give my support to the notion of SU only

Also let the multi user be admin approval mode, so that proper control over security can be maintained
A simple guide demonstrating necessary backup procedure is about all I think would be needed,
but ideally Puppy's quickstart procedure should not be interfered with - let multi user be selected after bootup by logout,
rather than make the main bootup go multi user automagically

Aitch
Back to top
View user's profile Send private message 
SirDuncan


Joined: 09 Dec 2006
Posts: 836
Location: Ohio, USA

PostPosted: Thu 22 May 2008, 19:38    Post subject:  

What I'm saying is that we leave Puppy with only a root account by default, and leave it so that it automatically logs in. We just make adduser work right, and then let people make more accounts and turn off auto-login if they want multi-user. It makes everyone happy and doesn't add any significant overhead (we already have adduser, it is just broken). We also don't add sudo (we don't have it right now anyway).

The way I see it, this isn't even a compromise, because everyone gets exactly what they want.

_________________
Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath
Back to top
View user's profile Send private message Visit poster's website 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Thu 22 May 2008, 20:40    Post subject:  

Actually, to do it "right" we'd need to tweak some things and get people into the habit of writing multi-user friendly code. All the scripts with /root hardcoded into them would need to be changed to use ~/ or $HOME. That isn't as bad since Puppy 2.00 came out and the whole filesystem was writable. We'd also have to start packaging packages to not come with their configuration in /root. Either that, or tweak PETget to put the /root directory of packages into $HOME automatically,

The commands that scripts run would also have to be watched, or they'll only work with root.

I believe there are also some tweaks needed to make X function correctly when it's run as other than root.


So no, I don't think there would be much overhead in getting multi-user working. Just effort. I think it would be worth it, but not high priority.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Thu 22 May 2008, 23:48    Post subject:  

You can have multiple users, when you save and encrypt or not. Do these different saves have a password protection request if you boot up from an encrypted save?

Another multi user possibility is individual multi sessions.

Puppy is not really a network distro (one OS per machine more like) However Puppy is flexible enough to provide networkable puplets as has and is happening Smile

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11034
Location: Arizona USA

PostPosted: Thu 22 May 2008, 23:59    Post subject:  

I say keep it simple: Puppy should run as root only. Adding multi-user capability complicates things for both users and developers, as Pizzasgood points out. I still haven't seen a single report of a problem caused because Puppy runs as root, that wouldn't have happened if there were limited-power users instead.
Back to top
View user's profile Send private message 
bobwrit


Joined: 12 Mar 2007
Posts: 286

PostPosted: Sat 24 May 2008, 18:22    Post subject:  

There are situations in puppy where I'd like to have multi-user but there are also situations where I'd like root only. If it was an option during installation, It might work for me.
_________________
I need help with my forum. LINK:http://www.programers.co.nr/
http://www.freewebs.com/programm/iframe.html is my gateway page...
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Wed 28 May 2008, 00:32    Post subject:  

Once again there is a lot of misinformation here.

Sudo is in itself no less (or more) secure than su. If anything it is more secure, because to use 'su' you must know the root password and can therefore run ANY program as root. Sudo is weak when it is configured badly, which amounts to user error.

The adduser program in Puppy IS slightly broken, but fixing it does not make it possible to log in to X as another user. There are a lot of other changes required. I have some small amount of experience here.

Creating scripts that function in a multi-user environment is NOT difficult for the user or developer. Only a few habits need changed for the person doing the coding, and they are minor.

Flaming Debian about ONE security hole in how many years? That's a bit crazy I think. It was a bad hole to be sure, and it was left untouched for far too long. But it was ONE hole. I can gaurantee we have more than that in Puppy but not many people are using it for mission critical server installations, and in fact not very many power users at all in comparison with Debian. So our potential security problems may go undiscovered for even longer, sir.

I have stated my piece about this subject at other times and my purpose is not to convince anyone of the merits of running as root or running as nonroot. I would just ask that people stop posting as fact things which are factually inaccurate. Do your homework please.

Nathan

_________________
Bring on the locusts ...
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Wed 28 May 2008, 02:52    Post subject:  

Well I got sick of seeing the uninformed posts about this subject, and even sicker of replying to them. So I wrote the bulk of my thoughts that I thought were important down in a blog page and I'm going to start saying look HERE whenever I see another one of these. In some ways it amounts to a rant but I'm OK with that right now. If you get offended I really don't care. I miss Bladehunter...

Nathan

_________________
Bring on the locusts ...
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Wed 28 May 2008, 03:50    Post subject:  

Congratulations, Nathan on an excellent & informative Blog

Yes, do point to it, as I certainly shall Smile

Far from being a rant, I found it to be well balanced and offering sound reasoning & clear explanation
In fact, the only thing differentiating this piece from a professional magazine writer, was the sheer absense of cr*p

Applause, applause Very Happy

I'm glad to hear that the minor differences between yourself & BarryK,
do not make you feel a need to set off independently, and I appreciate your unprovoked honesty on that front

Thank you

Aitch
PS: never came across Bladehunter AFAIK
Though it sounds like a Movie character, but I don't go out much now....
Back to top
View user's profile Send private message 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Wed 28 May 2008, 08:20    Post subject:  

Quote:
PS: never came across Bladehunter AFAIK
Though it sounds like a Movie character, but I don't go out much now....

Bladehunter was an extremely knowledgeable, but extremely cantankerous guy who used to liven up the forum back in the 1.0-something days. He finally got really angry one day and just had John M. remove his membership and hasn't been heard from again to the best of my knowledge.

The mention was a bit of an inside joke meaning I realize I probably sound a bit cranky.

Nathan

_________________
Bring on the locusts ...
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
cb88


Joined: 28 Jan 2007
Posts: 1169
Location: USA

PostPosted: Wed 28 May 2008, 13:25    Post subject:  

hmm seems like i remember BladeHunter but I wasn't into the forum as much back then... and I agree with Sir Duncan puppylinux is a very useful as a root distro but the option to run as a user would be iceing on my cake Smile you know where my vote is...

Yes I do run Debian ... BUT that bug was only a problem if you had an SSH port open or were tunneling over some other port.... I was a serious issue but my install of Debian updated itself before i even knew about it so on that front i am pretty impressed and they certainly didn't try to cover it up

one thing that bothers me is that puppy is compiled from T2 right? well why aren't there more packages from T2 in puppy? like all 3000 of them?

_________________
Taking Puppy Linux to the limit of perfection. meanwhile try "puppy pfix=duct_tape" kernel parem eater.
X86: Sager NP6110 3630QM 16GB ram, Tyan Thunder 2 2x 300Mhz
Sun: SS2 , LX , SS5 , SS10 , SS20 ,Ultra 1, Ultra 10 , T2000
Mac: Platinum Plus, SE/30
Back to top
View user's profile Send private message Visit poster's website 
SirDuncan


Joined: 09 Dec 2006
Posts: 836
Location: Ohio, USA

PostPosted: Wed 28 May 2008, 13:59    Post subject:  

Nathan, that was a superb post. It's good to hear it explained by someone more knowledgeable about the subject. I had not realized that sudo was not broken by default, but I guess that's because the only distro where I really had to use it was Ubuntu. I also didn't realize that Apache forced itself to run as non-root, I just assumed it would run as whatever you told it to.

All in all, it was very informative.

_________________
Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 3 [41 Posts]   Goto page: 1, 2, 3 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Suggestions
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0894s ][ Queries: 13 (0.0060s) ][ GZIP on ]