Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: what's wrong with logging in as root?

  1. #1
    Junior Member
    Join Date
    Jun 2002
    Posts
    4

    what's wrong with logging in as root?

    I have read several *nix books that strongly advise to "avoid logging in as root" and better use 'su' instead. These books mention it has to do with security issues but they do not give further explanations as to why and how it is exploited.

    I will appreciate detailed exploits. Thanks.

  2. #2
    well, for one thing, if you are remotely controlled when you are logged in as root, bad things can happen bcuz the hacker can change EVERYTHING (because you're logged in as root, so that account, the one the hacker is controlling, has total control over the entire system). Also, if you accidentally get a letter wrong in a command, since you're in root, you could wreck your system. It's not near as easy in a standard account. That's why people don't use root for everyday access.

    btw: 'su' is probably 'standard user'

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    255
    if u run as a normal user, uve less chance of mucking everything up, if u run a file in root it has access to everything.

    preep
    http://www.attrition.org/gallery/computing/forum/tn/youarenot.gif.html

  4. #4
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    cyb3rn3tik - 'su' stands for Switch User.

    pinoy - Logging in as root is not so much a matter of 'exploits' as it is good administration practice. First, there is the doing the wrong thing in the wrong place/directory. Like cyb said, you can cause yourself some serious damage. If you have to use the 'su' command to perform a function, hopefully your a little more focused on what your doing, thereby, avoiding mistakes. Secondly, ( and I am sure everyone here has done this), you log in as root, your working away and you get distracted by another problem that needs your attention. You take off to deal with the other issue, now you may be gone only minutes or hours, point is, you just walked away from a server and left it logged in as root. Now I come in behind you, and what have I got, in short, I now own your server.

    Save yourself a few headaches, always 'su' to root.

    Cheers:
    DjM

  5. #5
    Banned
    Join Date
    Oct 2001
    Posts
    263
    hmmmmm i always thought that su ment super user, cause it defaults to root when you give it that command, but i can see why it switch user as well

    oh yeah, and exactly why do you want "detailed exploits"?

  6. #6
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    DjM is very correct. You also have to remember if you have multiple system administrators, it is better to have them log in as their normal user ID and su to do system maintenance for logging purposes (or even better use something like sudo).

    The primary philosophy is do the stuff you need to do as root and immediately log back out to a regular user, there is much less of a chance of a stupid mistake causing permanant damage...

    Neb
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  7. #7
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    You can 'su' to any account on a *uix system, providing you know the account password. If you are root, then you can 'su' to any account without a password. (at least it use to be like that, I haven't played with *uix for awhile now).

    Cheers:
    DjM

  8. #8
    Senior Member
    Join Date
    Apr 2002
    Posts
    242
    i used linux once or twice.. and this was quite nice to read.. =/
    my pages: (great resources for everyone)
    geeksarecool.com resource for computers, hacking, virii, wutnot.
    thepillbox.net archive of logs and resource for laughter.
    --enjoy these pages, as they grow.

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Location
    Ireland
    Posts
    734
    Also, if you run a trojan/virus, it will have 100% rwx on everything. That would suck

  10. #10
    Senior Member
    Join Date
    Apr 2002
    Posts
    711

    Re: what's wrong with logging in as root?

    Originally posted here by pinoy
    I have read several *nix books that strongly advise to "avoid logging in as root" and better use 'su' instead. These books mention it has to do with security issues but they do not give further explanations as to why and how it is exploited.

    I will appreciate detailed exploits. Thanks.
    Put simply (as we always used to say) root leaves big footprints.

    Pretty much, there's nothing you won't be able to do as root, whether you intend to or not... that includes deleting needed files caught in a typo or filling your disk up so full that your system will not be able to reboot (you can fill the disk up as a normal user, too - but it's smart enough to leave a reserve).

    There are lots of reasons to not do this... pretty much the easiest one - it pretty much defeats all security on the box.
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •