 |
Puppy Linux Discussion Forum Puppy HOME page : puppylinux.com "THE" alternative forum : puppylinux.info
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in|
The time now is Tue 18 Jun 2013, 23:40 All times are UTC - 4 |
 Forum index » Off-Topic Area » Security |
|
Puppy is great except running as root?
|
 
|
View_previous_topic :: View_next_topic |
| Page 1 of 3 Posts_count | Goto page: 1, 2, 3 Next |
| Author | Message | ||||||||
|---|---|---|---|---|---|---|---|---|---|
|
TheTick
Joined: 14 Nov 2008 Posts: 7 |
Hi, I've tried Fedora, OpenSuSE, Mint Linux and was disgusted by the performance I got on my 900Mhz PIII 320G laptop. Damn Small Linux is nice but would take too much of my time to setup all the apps I would like to use. I just want to browse websites with firefox and look at email and dabble with basic Linux system admin. I quickly installed Firefox and switched the menu fonts to something reasonable with the GTK theme chooser. Also I enabled the autohide in the .jwmrc-tray file. Afterwords I found the GUI config tool for jwm. Finally I setup my Prism 2 wireless card. All straight forward tasks that are not trivial for new Linux users. As a long time UNIX user and backup sys admin as far back as 1992, I was a little disturbed puppy defaults to run as root? Now I know how to add users and can set that up , but root as default seems like a poor choice for security. Is there a reason root is the default? |
||||||||
|
|||||||||
 |
|||||||||
HairyWill
 Joined: 26 May 2006 Posts: 2949 Location: Southampton, UK |
why running as root is acceptable http://murga-linux.com/puppy/viewtopic.php?t=29441 http://www.murga-linux.com/puppy/viewtopic.php?p=199344 there are plenty more _________________ Will contribute: community website, screenshots, puplets, wiki, rss |
||||||||
|
|||||||||
|
|||||||||
alienjeff
 Joined: 08 Jul 2006 Posts: 2290 Location: Winsted, CT - USA |
OFFS ... the holy war that seems to never end. FMI, check: http://www.murga-linux.com/puppy/viewtopic.php?t=29441&sid=4320be77d63b0bad0ab16e1ce314c1bd _________________ hangout: ##arch-ftw on irc.freenode.net diversion: http://alienjeff.net - visit The Fringe quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker |
||||||||
|
|||||||||
|
|||||||||
Bruce B
 Joined: 18 May 2005 Posts: 10823 Location: The Peoples Republic of California |
As a Unix user you know what Multi-Tasking, Multi-User machines are. I trust me as root. Like yourself, about all I'm really interested in, in terms of connectivity applications is the browsers. I do that as spot. su spot cd . b -> .bashrc And limited user spot has a full repertoire of alias, scripts, directories and etc. All which I made. And spot runs the browsers. Also spot can run nearly all the apps, if I want, except some daemons. Then there are other users, seven or eight by default. _________________ New! Puppy Linux Links Page |
||||||||
|
|||||||||
|
|||||||||
|
alienjeff
Joined: 08 Jul 2006 Posts: 2290 Location: Winsted, CT - USA |
Please excuse my earlier haste, but this issue keeps coming back to life. And quite honestly, it gets a little tired.
My knee jerk answer to this is "to aid in simplicity of design." Instead of trusting the opinion of a mere user like myself, you might be interested in what the developer has to say. Scroll down to Q: Security concerns on Barry's FAQ page. He goes on to reference this rather contentious, tedious, and protracted thread. Hope that helps. _________________ hangout: ##arch-ftw on irc.freenode.net diversion: http://alienjeff.net - visit The Fringe quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker |
||||||||
|
|||||||||
|
|||||||||
|
cthisbear
Joined: 29 Jan 2006 Posts: 2980 Location: Sydney Australia |
" My knee jerk answer " But booted that one home AJ. Good one. What I would like to know is if all those advocating this type of - Security - actually shred all their post addressed letters, bank statements, utilities bills etc to stop anyone going through their garbage and using all this freely available info to defraud people. No firewalls etc in the old garbo bin. If I want root I'll get out my gardening fork. Chris. |
||||||||
|
|||||||||
|
|||||||||
|
TheTick
Joined: 14 Nov 2008 Posts: 7 |
Yes I do shred all my mail. Anything with my address and/or name. BTW I did read Barry's response and he does make sense in that puppy is NOT a server and all data except on your sfs files is read only. I just fear people see this and not understanding the unique puppy criteria think its OK for all Linux machines to boot to root. Thanks for all the details .. and I will be running my browser and eamil client as spot. Thanks! |
||||||||
|
|||||||||
|
|||||||||
|
Flash
Official Dog Handler  Joined: 04 May 2005 Posts: 9906 Location: Arizona USA |
I'm still waiting for a report - from anyone anywhere, using any Linux distro - of a problem they had that would not have happened had they not been running as root. Without actual experience to analyze, we're just wasting our time guessing the worst that could occur. _________________ Puppy Help 101 - an interactive tutorial for Lupu 5.25 |
||||||||
|
|||||||||
|
|||||||||
|
cthisbear
Joined: 29 Jan 2006 Posts: 2980 Location: Sydney Australia |
" Yes I do shred all my mail. Anything with my address and/or name. " Fair enough................Chris. |
||||||||
|
|||||||||
|
|||||||||
bugman
 Joined: 20 Dec 2005 Posts: 2131 Location: buffalo commons |
i deleted an essential file once, because i am an idiot i suppose i could have deleted the file in a multi-user system too, but it would have taken longer root still wins! [more efficient idiot] |
||||||||
|
|||||||||
|
|||||||||
|
tw296
Joined: 13 Nov 2008 Posts: 51 |
Nth hand this one admittedly. But someone attempts to clear out a directory with
Problem is, there's some keymap issues, so he actually does
Bye bye system. Also I seem to recall there's a gotcha with rm where something can match '..' (the parent directory) unexpectedly. Finally, I don't have a major problem with puppy defaulting to root. What I have a problem with is it seems to make it inordinately difficult to login as NOT root. |
||||||||
|
|||||||||
|
|||||||||
|
Bruce B
Joined: 18 May 2005 Posts: 10823 Location: The Peoples Republic of California |
In your if scenario, you are talking about a stupid or possibly an intentionally destructive user. Don't let stupid users use your computer, they can get their own to mess up. If it be intentionally destructive, it wouldn't matter what OS or how it was configured. You would pretty well have to put the computer out of access. For example, some companies have their really important servers and other computers in air conditioned rooms, which only the administrators and probably the owner has keys to. _________________ New! Puppy Linux Links Page |
||||||||
|
|||||||||
|
|||||||||
|
disciple
Joined: 20 May 2006 Posts: 6199 Location: Auckland, New Zealand |
I still think the best answer is Nathan's tinfoil hat article (BTW he actually converted Grafpup to a multiuser system).
That's pretty much what I say every time someone mentions this. tw296 - we want real world examples of something someone has done, not theoretical examples of what they can do 
The reason this is so is because no one has taken the time to make it easier. Perhaps you would like to volunteer? There are some people who would thank you. _________________ DEATH TO SPREADSHEETS - - - Classic Puppy quotes - - - Beware the demented serfers! Edited_time_total |
||||||||
|
|||||||||
|
|||||||||
|
tw296
Joined: 13 Nov 2008 Posts: 51 |
Also, seeing as how Grafpup is a multiuser system - can't we (by which I mean me if I get the time) backport whatever changes make that possible to Puppy? EDIT: Yes, Ubuntu's default setup is stupid. I change things so that sudo wants the ROOT password, that should make things a bit more secure (though how much?), though it defeats the real point of sudo - but who uses its full power on desktop systems anyways? In any case, being 'as secure as Ubuntu' is hardly something to brag about. Remember that openssh bug? Inherited from Debian, true. But it shows that even Free Software can have seriously nasty things lurking in it that don't get picked up. Making Puppy not run as root would shut up a huge amount of the forum questions. It's easily the most asked question about the distro. In most distributions, the effort required to not run as root is so minimal that even if the security advantage is small, it's still worth doing. In Puppy that's not the case - running as root requires effort on the user's part, and it's perhaps effort not well spent. But I have yet to see any argument that running as root is MORE secure than not doing so. |
||||||||
|
|||||||||
|
|||||||||
|
disciple
Joined: 20 May 2006 Posts: 6199 Location: Auckland, New Zealand |
Maybe for you, but for me it is not worth it - I just find it annoying
Well I'm not sure how much would be easy backporting and how much you would have to do from scratch. Grafpup 2 is a lot more different from puppy than Grafpup 1.x (which wasn't multi-user) was, and is also closer to the Puppy 2.x series than 4.x. So it wouldn't be a simple matter of copying and pasting. I don't think there would be any big disadvantages (size or whatever) in Puppy having multi-user ability, so no one should complain about it. You might like to: 1. ask around for people that are running Puppy as something other than root, and see what they had to do. There has been at least one forum thread about how to do it, but I don't think it was the sort of complete solution you would want. 2. talk to Nathan and see if he has any more notes or advice. 3. talk to the people working on Puppy. WhoDo is coordinating the next 4.x release, but this might be too big a change for it, so it may have to wait a release. I think there are also people working on new 3.x and 2.x releases, but IMNSHO the future is with 4.x _________________ DEATH TO SPREADSHEETS - - - Classic Puppy quotes - - - Beware the demented serfers! |
||||||||
|
|||||||||
|
|||||||||
Puppy is great except running as root?
| Page 1 of 3 Posts_count | Goto page: 1, 2, 3 Next |
|
|
View_previous_topic :: View_next_topic |
|
Forum index » Off-Topic Area » Security |
Rules_post_cannot Rules_reply_cannot Rules_edit_cannot Rules_delete_cannot Rules_vote_cannot You cannot attach files in this forum You can download files in this forum |
Powered by phpBB © 2001, 2005 phpBB Group