Results 1 to 9 of 9
I'm fairly new to Ubuntu, and one of the things I don't like about it is the fixation of avoiding root login. I read in the sticky post at the ...
- 01-25-2011 #1Just Joined!
- Join Date
- Jan 2011
- Posts
- 5
Why is 'sudo' better than logging in as root?
I'm fairly new to Ubuntu, and one of the things I don't like about it is the fixation of avoiding root login. I read in the sticky post at the top of this forum that logging into a GUI interface as root is nearly always a bad idea. Why is this? If I have access to the root password, and can simply sudo commands as root, what is the functional difference? The only difference I can see is that I have to continually type in my root password for pretty much everything I do. Elevating a user to root status seems to require a call to the almighty.
I'm usually the only one with access to this system, and I generally like to add in user accounts for any other people that will use the system, and leave root for myself. What is the benefit of requiring 'sudo' all the time?
- 01-25-2011 #2forum.guy
- Join Date
- May 2004
- Location
- arch linux
- Posts
- 18,099
It's not necessarily better for everyone, but you can read this short article to help you decide if it's better for you:
Originally Posted by Kincaid 
http://www.linuxforums.org/forum/ubu...in-ubuntu.html
I personally never login as root, but I don't use sudo either. Instead, I use the su command to gain root permissions when needed. Run man su in a terminal to get more info on using su.oz
→ new members/users: read this first | new member faq
→ no private messages requesting computer support - post them on the forums!
→ please use the "report post" button to alert our forum admins to problematic posts rather than responding to them yourself.
- 01-25-2011 #3Linux Guru
- Join Date
- May 2009
- Location
- Munich
- Posts
- 2,102
- With sudo, you do not need the root password. Just your user password.
- Root has no restrictions. You can easily destroy your system with just one command
- using sudo for elevated access creates awareness ("Now I need to be careful")
- sudo can be restricted to certain commands, users and groups. Whereas root = root = full access
- from remote (ssh): if you first have to login as a user via key and then elevate to root, you need to present *two* credentials before you have full access. Which improves security. Remote root logins should be disabled for this reason.
There are surely more reasons, this was just a first braindump
You must always face the curtain with a bow.
- 01-28-2011 #4Just Joined!
- Join Date
- Nov 2010
- Posts
- 61
sudo is mainly for newbies so they dont mess around with system files by accident.
I have sudo turned off and "su" to root as normal when needed.
- 01-28-2011 #5Linux Guru
- Join Date
- May 2009
- Location
- Munich
- Posts
- 2,102
Itīs a tool, and I kindly disagree: Itīs not only for newbies.
Suppose you are a sysadmin and work with DBAs.
You trust them enough to deal with their databases system.
(Actually, according to their role, they should know more than a sysadmin
)
But you dont want them to mess with the rest of the system.
In that case sudo could be used to let them e.g. restart their oracle/postgres/etcYou must always face the curtain with a bow.
- 01-28-2011 #6Just Joined!
- Join Date
- Nov 2010
- Posts
- 61
Yeah i suppose you are right. Ive never been in that position where had to let others use admin privileges. Originally Posted by Irithori Itīs a tool, and I kindly disagree: Itīs not only for newbies.
Suppose you are a sysadmin and work with DBAs.
You trust them enough to deal with their databases system.
(Actually, according to their role, they should know more than a sysadmin )
But you dont want them to mess with the rest of the system.
In that case sudo could be used to let them e.g. restart their oracle/postgres/etc
- 01-28-2011 #7Linux User
- Join Date
- Oct 2010
- Location
- Baja Oklahoma
- Posts
- 358
If you're logged in as root, then no further password is required to do anything. Any malware which comes in can do anything it wants. Granted, it's not nearly as common as on Windows, but it's possible, and anyone who can get in from the outside has acces while you're root. If you forget to log out, then the system is unprotected while you're gone. With sudo, the root privileges go away in 5 minutes, but if you log in as root, they don't go away until you log out.
- 01-29-2011 #8Linux Engineer
- Join Date
- Apr 2009
- Posts
- 1,230
Some more materials you might be interested to read.
nujinini
Linux User #489667
- 01-29-2011 #9Just Joined!
- Join Date
- Mar 2010
- Posts
- 79
One can avoid that by using `su -c <command>`If you're logged in as root, then no further password is required to do anything. Any malware which comes in can do anything it wants.
What is malware and where should it come from?
True, but that is not the way it is set-up in Ubuntu ( -> ALL).Itīs a tool, and I kindly disagree: Itīs not only for newbies.
Suppose you are a sysadmin and work with DBAs.
You trust them enough to deal with their databases system.
(Actually, according to their role, they should know more than a sysadmin )
But you dont want them to mess with the rest of the system.
In that case sudo could be used to let them e.g. restart their oracle/postgres/etc
Login to GUI as root is a bad idea. As root you don't need lots of gui-apps (if at at all).
Do what needs to be done as root and `exit` the terminal-emulator or close the app which you used.
I for one would go for the default way of the OS (which, for Ubuntu, is the usage of sudo). Makes it more easy to communicate with others.
I for one don't worry much about security. Are you sure it is that important to you?
Just saying.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts