Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 24 Oct 2014, 23:46
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Run As The Root User Account
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 3 Posts_count   Goto page: 1, 2, 3 Next
Author Message
666philb


Joined: 07 Feb 2010
Posts: 1776
Location: wales

PostPosted: Wed 20 Apr 2011, 03:32    Post_subject:  Run As The Root User Account  

i thought this was quite funny ...http://www.garyshood.com/root/
_________________
Tahrpup, built with trusty tahr packages http://murga-linux.com/puppy/viewtopic.php?t=93998
Quickpet_Precise, install popular apps quickly http://www.murga-linux.com/puppy/viewtopic.php?t=83642
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Wed 20 Apr 2011, 05:01    Post_subject:  

Whoah good that you warned me that was so funny my stomach hurts laughing that much.

But this comment is alarming read this one more time:
Quote:
Update: My Shout Out To dionoea At VLC

I participated in a thread on the VLC forums
http://forum.videolan.org/viewtopic.php?f=13&t=48356
where running as root was a major issue. Basically, VLC had implemented code that blocked the root account from running the video player. It was hardcoded into the program. The reason for this was because some of the developers felt that nobody should run VLC on the root account, even though it would work fine.

Us root users made our case for running VLC on whatever account we want, and some pansy named Remi Denis-Courmont kept trying to argue that we shouldn't be running as root in the first place, so we have no business demanding that VLC removes their idiotic and unnecessary root check.

Thankfully, a developer named dionoea was able to come to a compromise with us. She added a compile time option that allowed VLC to be ran under the root account. The USE FLAG "run-as-root" was introduced into Gentoo's portage so that VLC can be compiled this way. Thank you, dionoea.

If you can think of any other projects that give you a hard time about running as root, let me know. Remember, it's your computer. Don't let anyone tell you what you can and cannot do.


I mean what is going on. Hardcoded to shut root user out.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
666philb


Joined: 07 Feb 2010
Posts: 1776
Location: wales

PostPosted: Wed 20 Apr 2011, 15:41    Post_subject:  

Yes there are quite a few apps that have an annoying root warning, and some even more annoying apps that will refuse to run as root. Silly things like xscreensaver have a root warning, why? it's beyond belief! Other apps you have to hack them to actually get them to run. I don't know if you've tried the VLC from portablelinuxapps.org but that has been compiled to not let you run as root. Here's what it says when you run it in a terminal
Code:
# ./VLC
VLC is not supposed to be run as root. Sorry.
If you need to use real-time priorities and/or privileged TCP ports
you can use ./VLC-wrapper (make sure it is Set-UID root and
cannot be run by non-trusted users first).


Imagine the uproar if it refused to run under an account with 'administrator privilege' on windows!

_________________
Tahrpup, built with trusty tahr packages http://murga-linux.com/puppy/viewtopic.php?t=93998
Quickpet_Precise, install popular apps quickly http://www.murga-linux.com/puppy/viewtopic.php?t=83642
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Wed 20 Apr 2011, 16:54    Post_subject:  

666philb I have a very naive idea. It could be a kind of insurance or damage management. In USA there is a culture of suing the company if something goes wrong so to not get sued they try to warn for anything.

So VLC and others try to curb, to stop the flood of people suing them for letting in the bad guys through some vulnerability in their product?

Cover that asses as we say over there. That would make it very logical but I totally agree that it reads like a joke. It is a kind of bad joke when one see it first time.

_________________
I use Google Search on Puppy Forum
not an ideal solution though

Edited_time_total
Back to top
View user's profile Send_private_message 
Eyes-Only


Joined: 10 Aug 2006
Posts: 1046
Location: La Confederation Abenaquaise

PostPosted: Wed 20 Apr 2011, 17:59    Post_subject:    

Hi Philb!

That link to that article is absolutely precious! I'm glad you posted it! Very Happy Let me tell you something: I've been using a computer now for 25 years ( going on my 26th year pretty soon come to think of it! ) and the entire time as either "Admin" or "root".

When I used Windows I only caught ONE virus - period.

In those 25+ years I've never destroyed my computer. "Accidently" I should add. LOL! A few times purposefully for the heck of it just for fun. And yes - you read that correctly. Wink Boredom does funny things to the mind...

The biggest mistake I've EVER made whilst running as Admin/root was that I ended up deleting my Mozilla ( now SeaMonkey ) profile and hence all my email/addressbooks. And yet even THAT wasn't such a huge disaster as it sounds because I make weekly backups. The most I lost were a few new emails and updates from forums. Big deal and big whoop IMHO. ( For the record: I've never used a "recycle bin" nor "trashcan" as I've either shredded or by-passed and gone directly to delete. )

So all this hubbub over "running as root", such as is currently going on at "DW" and elsewhere? I just take it with a pinch of salt and go on. Two things, however, that I have learnt: #1 I rarely EVER tell ANYONE I run as root as I'm tired as being looked down upon as a 4th class citizen in Linux. #2? I've come to LOVE and bookmark articles like the one you've posted above!

Thank you for giving me my "Smile For The Week" my fellow Puppian Friend! Very Happy

Now I have some Fluxbox themes to go and install if I didn't delete them... Wink

Cheers/Amicalement!

Eyes-Only
"L'Peau-Rouge d'Acadie"

_________________
*~*~*~*~*~*
Proud user of LXpup and 3-Headed Dog. Cool
*~*~*~*~*~*
Back to top
View user's profile Send_private_message 
seaside

Joined: 11 Apr 2007
Posts: 887

PostPosted: Thu 21 Apr 2011, 13:46    Post_subject:  

One step you can take to run programs that complain about "running as root" is to change the "PROGAM.desktop" file in /usr/share/applications as follows:

Code:
Exec=su -c YOUR-PROGRAM-EXEC spot


Cheers,
s
Back to top
View user's profile Send_private_message 
Luluc


Joined: 16 Mar 2011
Posts: 200

PostPosted: Fri 22 Apr 2011, 03:02    Post_subject:  

seaside wrote:
One step you can take to run programs that complain about "running as root" is to change the "PROGAM.desktop" file in /usr/share/applications as follows:

Code:
Exec=su -c YOUR-PROGRAM-EXEC spot


Cheers,
s

Yes, but that does not work for me on Puppy 525. Does it work for you?
Back to top
View user's profile Send_private_message 
L18L

Joined: 19 Jun 2010
Posts: 2530
Location: Moved from Hosla to www.eussenheim.de

PostPosted: Fri 22 Apr 2011, 11:06    Post_subject: Run As The Root User Account
Sub_title: seamonkey spot
 

seaside,
thanks for sharing your
Code:
Exec=su -c YOUR-PROGRAM-EXEC spot


Going to try it in wary

Edit: Now I see there is Browse as user "Spot"
Back to top
View user's profile Send_private_message 
666philb


Joined: 07 Feb 2010
Posts: 1776
Location: wales

PostPosted: Fri 22 Apr 2011, 11:44    Post_subject:  

i'm pretty sure rambo didn't run as spot
_________________
Tahrpup, built with trusty tahr packages http://murga-linux.com/puppy/viewtopic.php?t=93998
Quickpet_Precise, install popular apps quickly http://www.murga-linux.com/puppy/viewtopic.php?t=83642
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 22 Apr 2011, 11:47    Post_subject:  

Rambo is the one that inspired Barry to make a safe Spot to hide behind Smile
_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
L18L

Joined: 19 Jun 2010
Posts: 2530
Location: Moved from Hosla to www.eussenheim.de

PostPosted: Fri 22 Apr 2011, 13:21    Post_subject: Re: Run As The Root User Account
Sub_title: seamonkey spot
 

L18L wrote:
Going to try it in wary]

Succeeded!
was multilingual wary503q
started the code from CLI there was an error about permissions
Code:
chmod +w /dev/null
made it work.

Note, starting from default browser icon you are root.
dragging defaultbrowser.desktop to the desktop and then klicking that will start defaultbrowser as user spot.

My apologies for having misused your thread. Embarassed
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Wed 27 Apr 2011, 08:28    Post_subject:  

example of what a total newbie has to learn in protected OS.

I am in Peppermint Ice now. Taste good indeed. No Spearmint at all. The Real Thing as we say.

Anyway it did not allow me to save changes to grub.cfg due to the decent rule that one should write a 40_comment or whatever name it has and then do a grub update too.

Anyway it all get overwritten when the Pepper update so what the heck.

So I got more and more angry when the su and sudo failed to allow me to get permission to save. So Google to rescue. This is a GK machine so one need to gksu leafpad and path to the file one want to edit. Now it saved. Thank Earth for her nature to just be.

But the odd thing is that despite everything looks normal the edit does not show up so maybe something odd is going on. cflf or lfcf or somethinglike that?

How can text that looks perfectly normal in the editor be invisible at boot?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
myke


Joined: 15 Mar 2011
Posts: 102
Location: Québec

PostPosted: Sat 30 Apr 2011, 21:52    Post_subject: Root: Historical Perspective  

This business of "running as root is bad" is a fallacy in my opinion.

The whole idea of having different levels of access to a PC was derived from people's experience with mainframes. In the old days (the late '60s, '70s and '80s), mainframes ruled the roost. These mainframes had programs dealing with the payroll, employee personnel files, market analyses, accounting figures, scenario analyses, the nuts and bolts of a business. Very early it became clear if the mainframe failed the business could go under.

So the mainframe had different groups of users that had access to only the data and programs which they needed as part of their jobs and I/O for the programs was physically handled by computer operators based on instructions given by programmers (IBM had Job Control Language - an ugly POS). The users were physically separated from the machine. This was all done to ensure the integrity of the data and the machine.

Minicomputers were controlled in the same way.

What characterizes mainframes and minicomputers was (and is) that they were almost always multi-user systems.

Today's Linux systems are derived from that heritage. The root account is a simplification of the concept of users with high levels of privileges. However, in general, with PCs, we are dealing with single user systems. Users usually are not physically separated from their PCs. Furthermore, the data that users handle is more precious than the PC software. So security should centre on safeguarding data not safeguarding the software.

To summarize, security efforts should focus on keeping data safe, say, by doing frequent backups and we should not fall into the trap of the "running as root is bad" fallacy as what should be protected is your data and running as an ordinary user or root is irrelevant. You can always download the system again and install whatever additional pets you need. A bother but not the end of the world.

_________________
AA1 D255E-keucr slacko 5.3;luci;mijnpup; tw-os; with:Emacs,gawk,noteboxmismanager,treesheets, freeplane, libreoffice, tkoutline, Sigil, calibre, calendar. magic&Noteliner(wine), kamas (DOS)
Back to top
View user's profile Send_private_message 
sickgut


Joined: 23 Mar 2010
Posts: 1157
Location: Tasmania, Australia in the mountains.

PostPosted: Fri 06 May 2011, 19:01    Post_subject:  

lol

i have 2 vps's connected to the internet 24/ 7 and they both run all their apps as root.
on a commodore 64/ amiga 500/ amstrad cpc6128 whatever old microcomputer you have used, they are single user and you are effectively root when you use them. Maybe the ppl who awear you must not login as root should launch a campain to destroy such computers. Did anyone here ever accidently type in like 20 characters in the specific sequence needed to delete all the files on any of their disks using these computers?

when you use windows 95 or windows xp or whatever you are usually in a single user environment and that is fine. Its acceptable even tho you are at the exact same risk of deleting everything from your C drive as you are when you are logged in as root on a linux system.

has anyone here accidently highlighted every file on there windows OS then right clicked on them and pressed delete? have any of you accidently gone to the start menu then run then typed cmd then once in the commandline accidently entered in del *.* /s ?
Has for instance a cat walked accross your keyboard and typed in rm -rf /* ?

its fine to be a root level user on any other OS than linux the experts will have you believe.

On windows its taken as a given you can run whatever files you like and remove them and thats cool. But login as root on a Linux system and what you get is:

DUDE! DONT YOU KNOW IF YOU LOGIN AS ROOT AND YOU ACCIDENTLY TYPE RM -RF /* THEN IT WILL BREAK YOU R SYSTEM? DUDE YOU GOTTA LOG OFF AND LOGIN AS A NORMAL USER.... NOW!!!

its like the firewall issue, linux doesnt need one but everyone says you gotta run one so most people do even tho they dont need to. The linux root issue os the same, everyone says you shouldnt do it so alot of people dont do it and that is the only reason people dont login as root, because everyone says you shouldnt.

You gotta wonder what goes on in the psyche of someone who wakes up in the morning and logs into their linux system as root then freezes and then starts shaking in fear because they just *might* accidently perform the intricate and delicate and precise finger movements that are required to enter in rm -rf /* .

I run everything as root. if its worth doing its worth doing as root. when people tell me that ppl shouldnt run stuff as root, i say: "well...... im not a retard. Maybe someone with some severe mental disability or disassociative personality disorder might accidently enter in rm -rf /* but im sure a normal person would realize they where infact typing on the keyboard and maybe they should look at what they are typing. If you sleep type then maybe you shouldnt sleep next to your keyboard. If you sleep walk and sleep login as root and type rm -rf /* then you really shouldnt be living by yourself at home or even be within 10 meters of a computer and you possibly need to be looked after in a mental institution or something. im sure normal people dont usually and accidently type in rm -rf /* ".

just my 5 cents worth
sickgut
Back to top
View user's profile Send_private_message Visit_website 
cthisbear

Joined: 29 Jan 2006
Posts: 3433
Location: Sydney Australia

PostPosted: Fri 06 May 2011, 22:30    Post_subject:  

The root issue is the biggest BS exercise out there.

Give me the money shot...excuse the French.

///////

I should have bookmarked the page where someone here recently posted
as to why root >> existed >> from the days of IBM.

This crap will produce more division here than any other event.

And who is going to stand up and answer all the questions
when browsers and printers etc don't work.

A meaningless pathetic exercise.
I will use a similar description posted by Caneri years ago, in evicting
someone off his server.

Barry ...you have been sucker punched.

How about fixing Wireless Security instead?

Such as this...My latest April 2011 technique .

http://murga-linux.com/puppy/viewtopic.php?t=66936

No...no response...wireless needs more security.

Yet we drone on with this Root shite.

Now instead of being different to all the othe Lemming robots,
we have been assimilated.

A true case of if you whine the more...idiots hear the roar.

Chris.
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 3 Posts_count   Goto page: 1, 2, 3 Next
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1036s ][ Queries: 11 (0.0048s) ][ GZIP on ]