Root vs User, WAS: Re: [CLUE-Tech] How Safe Is It, part II

Keith Hellman kehellman at yahoo.com
Wed Nov 6 13:36:23 MST 2002


On Wed, Nov 06, 2002 at 10:24:20AM -0700, Timothy C. Klein wrote:
> * Jed S. Baer (thag at frii.com) wrote:
> > But why root? Why not rfrank? Or something other than root. You shouldn't
> > force yourself to log in as root to do non-sysadmin tasks. Remember, a
> > typo as joe user can be an inconvenience. A typo as root can be a
> > disaster.
> 
> You know, as one who has always used his Linux machine for desktop stuff,
> I find this wisdom just doesn't hold.  It makes sense on a server, where
> a mistake could mean downtime that could make users angry, and possibly
> get one fired.
> 
> But on my machine, it is used by me only.  My wife and mother-in-law use
> it indirectly as it filters packets for them, and does NAT.  If I nuke
> the whole machine (which I have done), it is no big deal.
> 
> So why does it not make sense to me?  The only important stuff on this
> machine is all under /home/teece:  papers, source code, pictures, mp3s,
> etc.  All that stuff is the reason I have my computer.  The stuff
> outside /home/teece just makes the box work.  I have it on CD or it is
> very easily attainable via the net.  Even config files in /etc are just
> a little bit of time to rebuild.
> 
> So, to do real damage to my computing experience, I need to delete stuff
> in /home/teece.  I can do that if I am root, or if I am not.  In the
> end, I trust myself.  The whole mentality of treating root as so
> special doesn't really hold.  If I hurt myself, more than likely it will
> be as 'teece', not as root.
> 
> I see this caveat always spoken, and it really doesn't apply in the
> single-user machine.  It doesn't hurt, either, of course.
> 

Wow.

- Do you surf the web using Mozilla, Netscape, or Konqueror as root?
* Eventually you will run some malicious script as root - have you
  considered this?
- Do you use Wine that can successfully host Windows Viruses?
* Running as root, you can inadvertently host trojaned programs that
  masquerade behind low-level port numbers - I may be wrong but I believe
  that some Windoze viruses will do this.
- Do you download and install software without performing thorough code
  audits? Do you always check the PGP signature of each RPM you install?
* Because if you don't, and your machine is on the Internet (which it
  sounds like), then you may eventually be responsible for hosting a
  DDoS from a trojaned /bin/bash or /bin/ls.
- Are you being responsible enough to run security auditing utilities such
  as PortSentry and Tripwire?
* Otherwise, how would you even know that one of the above has occurred?

I'd also like to point out that as a user you can protect yourself from
deleting whole directory trees:
<snip>
Script started on Wed Nov  6 12:35:43 2002
not_root$ mkdir T
not_root$ touch T/foo
not_root$ chmod 000 T
not_root$ rm -rf T
rm: cannot change to directory `T': Permission denied
not_root$ ls T/
ls: T/: Permission denied
not_root$ chmod 777 T
not_root$ ls T
foo
not_root$ chmod 000 T
not_root$ sudo rm -rf T
Password:
not_root$ ls 
not_root$ exit
</snip>

Here's a thought:  run a find/xargs command from / that changes the
ownership of EVERYTHING except SUID programs to your login.  Then you
don't have to run as root, and you can still have the pleasure of
rebuilding machines when you've accidentally obliterated your
/dev and /etc.

And just out of curiosity, what pray tell do you do on a day to day,
hour by hour basis that requires root authority?

-- 
Keith Hellman                             #include <disclaimer.h>
kehellman at yahoo.com               from disclaimer import standard

"Experience is a hash teacher.  She gives the test before you learn the
lesson."

--Unknown
