Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 15 of 15
If you're using single user mode or root for everything, then your system is no more secure than Windows. In my opinion, that's just plain stupid, and it's your own ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Linux Engineer
    Join Date
    Nov 2004
    Location
    home
    Posts
    796

    If you're using single user mode or root for everything, then your system is no more secure than Windows. In my opinion, that's just plain stupid, and it's your own fault if you get hacked or something of the sort.

  2. #12
    Linux Enthusiast
    Join Date
    Jun 2004
    Location
    Windsor, CO
    Posts
    656
    Because root is the superuser, so it has complete access. However, I think I know a way to do what you ask. The first to simple mount the filesystem as read-only, but don't do that with the root filesystem.
    The second way is this:
    Create another user and add them to the "root" group. That way you'll have close to root permissions, but still be able to have the advantages of not being root. And the other people are right, running linux as root on a general basis is VERY bad for security.

    A third way would be to try something with PAM or SELinux, but I have no idea how.
    Emotions are the key to the soul.
    Registered Linux User #375050

  3. #13
    Just Joined!
    Join Date
    Nov 2004
    Location
    A world without walls or fences...
    Posts
    47
    Quote Originally Posted by user222
    Quote Originally Posted by copycon
    That is correct that is one of the reasons you should not be logged in as root and do maintenance task throught the use of
    Code:
    su -
    and
    Code:
    sudo
    But why shouldn't it work? The Windows NT/XP ACL's work even when running as Administrator, so it is possible to prevent accdental overwriting of a file. Logging in as a super user should not bypass file permissions, but has the right to change it. I hope this bug would be fixed in future Linux kernel releases.
    Since when should Windows be used as a standard for anything to be tested against? Windows automatically preloads Internet Explorer, should Linux automatically preload Firefox? I don't think so! If you want Windows, use Windows, and don't complain about 'bugs' that keep you from doing the idiotic stuff Windows does. So this (very useful) feature will not be removed.

  4. #14
    Linux Enthusiast scientica's Avatar
    Join Date
    Sep 2003
    Location
    South- or "Mid-" Sweden
    Posts
    742
    Quote Originally Posted by user222
    Quote Originally Posted by copycon
    That is correct that is one of the reasons you should not be logged in as root and do maintenance task throught the use of
    Code:
    su -
    and
    Code:
    sudo
    But why shouldn't it work? The Windows NT/XP ACL's work even when running as Administrator, so it is possible to prevent accdental overwriting of a file. Logging in as a super user should not bypass file permissions, but has the right to change it. I hope this bug would be fixed in future Linux kernel releases.
    that's because "admininistrator", by design not bug, can't do everyhing - in *nix/linux root can do anything, even remove all files in the whole system - but really, it's not that much of a kick, mostly bothersome, you'll have to re-install...
    Also, to say it again: it's not a bug, think of root in *nix as a sort of "god", what root can't do, no one can. This is also true for the phrase "don't take the name of root in vain" - ie, don't log in as root if you don't have to.

    I like to run Linux in single-user mode, so it's a big problem. (I didn't even create a normal, non-root user account.)
    Well, running every thing as root is bad. I've seen figures that of the, relativly rare, exploits 80-99% of them are only "harmfull"* when logged in as root.
    But exploits aren't your worst headace as root, main it's one self, eg, accidentally typing "*" instead of "*~" in certain folders is virtually killing the system. (close windows equivalent is "format /q /Vwnd C:")

    * harmfull = system damages, you could still loose files writable by "you" (and if you happen to be root that'd be _everything_)
    Regards Scienitca (registered user #335819 - http://counter.li.org )
    --
    A master is nothing more than a student who knows something of which he can teach to other students.

  5. #15
    Linux Enthusiast
    Join Date
    Jun 2004
    Location
    Windsor, CO
    Posts
    656
    I think what he's trying to do is simply prevent the file from being overwritten. On that basis, why don't you just back up the file instead? And why is it in danger of being overwritten in the first place?
    Those answers would be more helpful to us to solve the real problem (preventing a file from being overwritten by accident).
    Emotions are the key to the soul.
    Registered Linux User #375050

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •