Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: what's wrong with logging in as root?

  1. #11
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Not allowin root login with remote services like ssh also adds to the sercurity because you have to know two passwords instead of one to get to a root shell.
    Don't know if this is like this in other *nixs too, but in openbsd, if the weel group is populated, only members of wheel can su to root. So if you make sure all members of wheel have strong passwords and so does root, brute forcing youre way to root would be considerably longer...

    Ammo
    Credit travels up, blame travels down -- The Boss

  2. #12
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    Put simply (as we always used to say) root leaves big footprints.

    Pretty much, there's nothing you won't be able to do as root, whether you intend to or not... that includes deleting needed files caught in a typo or filling your disk up so full that your system will not be able to reboot (you can fill the disk up as a normal user, too - but it's smart enough to leave a reserve).

    There are lots of reasons to not do this... pretty much the easiest one - it pretty much defeats all security on the box.
    That's pretty much it. You can also use other utilites to control your work as root, like sudo. I like sudo, because you have much more control over commands executed by multiple admins, it will ask for a password for each command (helping you to make sure that you want to do something) and you NEVER have to give out the root password. Giving out the root password to multiple people is just bad policy all around.
    /* You are not expected to understand this. */

  3. #13
    Banned
    Join Date
    Oct 2001
    Posts
    263
    Originally posted here by DjM
    You can 'su' to any account on a *uix system, providing you know the account password. If you are root, then you can 'su' to any account without a password. (at least it use to be like that, I haven't played with *uix for awhile now).
    yes i know...... and to simplify that, you can su to any account provided that you know the root password (or the password of someone in an equivelant group)

    also, incase you think of it giving your 'personal' account access in the root group dosnt do anything differently than just logging in as root so you kinda get screwed the same way if your account has full privelages...... if that makes any sence to anyone but me

  4. #14
    Senior Member
    Join Date
    Jul 2001
    Posts
    420
    Originally posted here by cyb3rn3tik

    btw: 'su' is probably 'standard user'
    su = set user ID

    On solaris su - will set user ID to root (you need the password)

    su someOtherUser -will make u that user

    Cheers,

    Duncan

    If the above was posted elsewhere I aploize for the duplicate

  5. #15
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    rm -rf *

    from the / directory

    pretty much says everything about why you shouldnt run as root all the time.

    BTW, I been there and done that. thankfuly it was just my personal machine

    Also, even if you are very very careful about what commands you use and apps you run, if you have to leave a machine for an emergency bathroom or cofee run and dont logout, someone else could cause many problems for you if you are logged in as root

  6. #16
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    I always thought su was super user as well as one other in this thread... hmm...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •