Root as Primary Login: Why Not? 164
A user writes, "I help moderate a forum dealing with Mac OS X, and I'm having an awful time convincing a fair portion of our readers that logging in as root all the time is a Really Bad Idea. Worse, though, are the ones who try to convince others to log in as root all the time, claiming it's 'more Mac-OS-9-like,' or saying 'it's not really more insecure,' or even that 'a firewall should deter hackers pretty well.' I know all the standard arguments, but they're not working out. Does anyone here have some real-world anecdotes that I can point to?"
Why i have to log in as root. (Score:5, Interesting)
Re:Why i have to log in as root. (Score:3, Informative)
Re:Why i have to log in as root. (Score:4, Informative)
Yup, sure does. As far as I know, it's been there since forever. At least since 10.0.3, which was the earliest version that I used regularly.
Re:Why i have to log in as root. (Score:5, Informative)
As for the original poster, I don't know what to say. In OS X root still has to give his password for authentication screens. The only convenience I can really see it having is to mess around with system libraries and configuration files unchecked. Oh yeah, that's right. Most unices aren't very vulnerable to virii because the user isn't root, so the virus can't get at the important things. The most a trojan could do is take out your home directory. Your system would still run.
Of course, logging in as root makes the system slightly more vulnerable to local attacks, but that isn't saying much.
Cmd-S during boot-up.
fsck -y
mount
SystemStarter
passwd root
System compromised.
But that's a feature. I think it can be disabled, possibly by supplying an OpenFirmware password... auto-logging in as root sort of ruins that, though.
If people want security similar to Windows, tell them to run as root. OS9 is somewhat more "secure" than OSX because it was meant to be stupid-proof. Running as root in OSX is like telling the computer you really know what you're doing. If you don't, you shouldn't.
Re:Why i have to log in as root. (Score:4, Informative)
OS X, like most unices, doesn't honor the set-uid bit for scripts.
I would just write a trivial C program and make that set-uid:
On OS X, install dev tools, compile as "cc file.c -o my-script" and then "chmod 4755 my-script". You can then run it from a normal user shell and the script is run as root (make sure the file is owned by root).
NB: I'm not replying directly to you, but rather to the original poster who wanted to know how to do this.
Re:Why i have to log in as root. (Score:1, Funny)
Re:Why i have to log in as root. (Score:3, Informative)
There are two big differences between "boxen" and "virii."
First of all, "boxen" is almost always tongue-in-cheek. It's an old joke, but it's just a joke.
Secondly, "boxen" would be correct, if it weren't for the simple fact that it isn't. It's just one of those quirks of the language: one box plus one box is boxes, and one fox plus one fox is foxes, but one ox plus one ox is oxen. Like a friend of mine said, about fifteen years ago, in my high school English class. "Drive, drove, have driven. Dive, dove, have diven?" "Boxen" is funny because its use points out the arbitrary and inconsistent nature of English pluralization.
As I said, though, "virii" isn't just technically wrong, it's completely wrong. Latin had either no plural at all for "virus," or only a very rarely used and easily confused plural, depending on whose interpretation you accept. "Virii" has zero basis in any kind of fact.
If the correct Latin plural of "virus" had been "virii," and if the use were intended to be sarcastic or humorous, I wouldn't mind so much. But the fact is, people often use "virii" in utter seriousness, as if it were correct and acceptable.
It isn't. It's wrong, wrong, wrong.
OT: what a maroon! (Score:2)
And how do you tell if people are using it "tongue-in-cheek"? When people use "boxen", they usually use it as if it were a real word, and don't draw any special attention to it. Pretty much the way they use "viri"/"virii". Unless you have previously unsuspected telepathic powers, you're using guesswork, and have no factual basis for your claim. Since I first encountered Tom C.'s humorless diatribe over a year ago, I have looked in vain for any evidence that anyone at all takes the silly misspelling seriously. I have failed to find any. It's a little more popular than "boxen", but then it seems to have spread through science fiction fandom, which was a little bigger and more widespread than hackerdom back in the sixties when all this silliness started.
As for the ridiculous "it's not proper Latin" argument, well, that's just dumb! This is English we're talking about, not Latin. Hell, the word "television" mixes Latin and Greek roots, and by the measures you're applying, is a REAL abomination. Why don't you start a crusade to stamp out the word "television" instead of wasting your time on a mild (and admittedly not-very-funny) joke.
Re:OT: what a maroon! (Score:2)
Because-- and I thought I made this perfectly clear-- "virii" was used in this context as a serious plural, with no sense of irony implied. That's not a joke. That's an error.
Like I pointed out in my previous post, "boxen" as the plural of "box," like "VAXen" as the plural of "VAX," derives its certain humor from the irony of the English language itself. In itself, "boxen" is a sort of joke about English. There's no good reason why one ox plus one ox is oxen but one box plus one box is boxes. It's just one of those irregularities. In other words, if a person honestly didn't know the plural of "box" and guessed "boxen," it wouldn't be a dumb mistake.
My circle of friends had a similar little joke in college: one deer plus one deer is two deer. Likewise, one beer plus one beer should be two beer. How many beer have you had tonight? I've had four beer. It was silly, but entertaining. Especially after four beer.
"Virii," on the other hand, comes apparently from nowhere. There's no rational system of pluralization-- or even a decent precedent in irregular pluralization-- that would lead someone from "virus" to "virii." If you want you can say "viri," although that's confusing ("vir" was "man" in Latin, and "viri" was "men"). Or you can say "virora," in parallel with "corpus" and "corpora," but scholars think that's probably wrong, and besides it's really hard to pronounce correctly. (The accent would be on the first syllable: "VYE-ror-uh," like "COR-por-uh.")
The bottom line is that "virii" is a made-up word. If you're going to play games with words, play by the rules. I don't care which set of rules you use, but play by some rules. There is no set of language rules-- from English, Greek, or Latin-- that would lead one to believe "virii" to be the plural of "virus."
So using "virii" in any sense, ironic or otherwise, just makes you sound ignorant. Even worse, it makes you sound like you're an ignorant person who thinks they sound like an educated person.
Re:OT: what a maroon! (Score:2)
Which is irrelevant because -- and I thought I made this perfectly clear -- "boxen" is usually used as if it were a serious plural, with no obvious sense of irony implied. When I see "boxen" used, it's usually in simple statements, like, "I need to set up a dozen boxen tomorrow". I assume (because I know these are educated, intelligent people) that the people who write this know better, and are in on the joke, but I can't prove it, any more than you or I can prove that people who use "virii" do or don't know better.
As for the fact that "virii" doesn't follow the rules of Latin, so freakin' what? That just means it's a different sort of joke! Personally, I fell off my chair laughing the first time I saw that spelling. But then, I'm not the sort of arrogant pinhead who assumes I'm smarter than everyone else (even though I usually am).
And the fact that it's a made up word is irrelevant. English is full of made up words. And it's full of words (like "television") that don't follow the rules. "Correct" English is defined as what English-speaking people say/type. If enough people use "virii", it becomes correct, whether or not the rules of some long-dead other language justify it or not.
Re:Why i have to log in as root. (Score:2, Informative)
Nobody has yet replied to this point (subtle, this is easy to miss unless you've worked with people).
This is because adsl-connect is probably not in your PATH (I'm guessing it's in /sbin or /usr/sbin). You can do a 'man bash', hit the '/' key, type in PATH and keep typing 'n' until you find the entry in the manual page explaining how PATH works.
Short story: type in the following:
Make sure to type in the dash in the 'su' command. The second command should tell you exactly where adsl-connect is, and you can go from there.
Not yet… (Score:3, Funny)
Re:Not yet… (Score:1)
I read the thread for a few minutes and smiled. Then I remembered there was a real world and had some work to finish up.
Fools rush in where wise men fear.........
Re:Not yet… (Score:1)
Real world example....... (Score:2, Informative)
But that is my 2 cents, my advice would be to present your argument, if they don't want to listen and want to put their boxes at risk, let them. When they accidentally make a mistake and bring their system down they will learn. If they don't learn from that and keep recommending bad admin practices to others, well they are morons. But that is another issue.
Re:Real world example....... (Score:3, Insightful)
People who don't understand why you would/wouldn't log in as root are *extremely* unlikely to be playing around with 'rm', 'chmod', and 'mv'.
You would have a better argument saying something to the effect of "dragging an important system file into the trash" or moving/renaming an important file/folder.
I find it amazing how many people don't want to *login* to their computers.
They tell me, "I know that it's safer to log into my computer, but it's such a pain." --to which my usual reply is "You don't know that it's safer to log in."
Re:Real world example....... (Score:1)
> want to *login* to their computers.
Yes, because most of these people just want to use the computer to get something done, and it's the job of the computer to make that easier, rather than toss more obstacles to getting things done.
Because they didn't have to login, or didn't have to su to get things done in the past, they see this extra work as a waste and thus want to avoid it.
Computers should be smart enough to handle these things. Like auto updating patches to the OS or virus signatures, or compressing big files, or other 'routine' stuff.
Maybe extend the analogy to 'have the computer auto-empty the trash for you'. Most people can see that this might be a bad idea, because sometimes you mistakenly delete the wrong file. Then tell them that having to sudo for things rather than always being root is the same - it keeps you from making the types of mistakes that are difficult to recover from.
Re:Real world example....... (Score:1)
Live and learn (Score:2, Insightful)
Root is like crack (Score:5, Funny)
Mod this up (Score:2)
Re:Root is like crack (Score:2)
OS 9 like? Nope. (Score:5, Insightful)
Nope. Not at all. OS 9 has the same level of protection for itself that OS X does, it just works a bit differently. Tell your friends to try this... In OS 9, drag your System Folder to the trash. Go on, do it. Whupps - you can't. Why? Because you don't have 'permission' to. You can only do it if you boot from a different source, like a CD or another volume. Unix does this far better than OS 9 could, but it's basically the same idea. Logging in as ROOT lets you do anything you want. Toss your kernel? SURE!!! No problem! BAD idea. I feel that if someone doesn't know why they shouldn't be root, that alone is reason enough for them NOT to be.
Re:OS 9 like? Nope. (Score:3, Insightful)
My first Macintosh manual (for the Macintosh 512k) had the following to say about installing the "Programmer's Switch": "The Programmer's Switch is used to create an Interrupt or a Reset. If you do not know what an Interrupt or a Reset is, you do not need this switch". While people may criticize this, it has always been Apple's strategy to protect users from their own stupidity.
So really to emphasize the parent post, "If you do not know why to log in as root, don't do it." Period. Nuff said
Alex -- (And I don't even normally log into my BSD box as root)
Re:OS 9 like? Nope. (Score:1)
what exactly does the programmer's switch do?
Re:OS 9 like? Nope. (Score:1)
If you don't, it brings up a modal dialog box with a prompt that simply remains until you type g on a single line or you hit the hard reset button. Needless to say, not many knew what to write.
To be fair, you could also type G <address> where address is what you want to set the pc to, but how useful is that in an OS with mandatory PIC?
Re:OS 9 like? Nope. (Score:1)
Many years ago, as a university sys admin I remember getting a call from the music department for help. Their NeXT machine wouldn't boot at all. They had been "cleaning up" the disk space and - you guessed it - they removed that big "vmunix" file.
Devon
Original Thread (Score:2, Informative)
There are a lot of threads at various mac forums with this topic, but a current one is here at MacNN forums [macnn.com].
MacNN forums seems to have a well deserved reputation for being full of idiots. Especially in the OS X threads.
Say hello to "Bobby" from Ventura California, who started this thread :)
Here's one. (Score:5, Informative)
chmod go-rwx ~/*
But by mistake, you hit the space bar, and get:
chmod go-rwx ~
By the time you realize the hard disk has churned too long, you'd just gone and wiped the permissions on
[pts/2@tardis:/home/dmorriso @00:45] chmod go-rwx ~
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
chmod:
[pts/2@tardis:/home/dmorriso @00:46]
And yes, back in the day, I did make this oops and had to reinstall, because I had used su rather than sudo, and had forgotten to un-su. I started using sudo right afterwards.
Re:Here's one. (Score:4, Informative)
I just want to second this. I did the same thing once, but on an SGI O2 rather than a Mac. My variation: chown -R foo
That was when I learned that you can't boot an SGI if files like
And yeah, it was easier and faster to just reinstall the OS than it was to try to fix the ownerships.
Stupid /. humor (Score:1)
What's wrong with
Re:Here's one. (Score:2)
Re:Here's one. (Score:1)
You want to change all your .emacs, .exrc, .whatever to be world-readable so everyone can see just how clever you are:
Well, not so clever after all. '.*' expands to include '..' and '.' and the -R flag combines with this in a Very Bad Way. I got burned by this once (different circumstances, however, I su'ed into root to change some stuff in /tmp). This also depends on what shell you use: with bash, you're screwed, with zsh, you're OK.
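The `.*` expansion this comment describes can be checked safely in a throwaway directory. The following is an added example, not part of the original post: the sandbox layout, file names and function names are constructed for illustration, and `.[!.]* ..?*` is the POSIX pattern pair that matches dotfiles without ever matching `.` or `..`.

```sh
#!/bin/sh
# Added example (not from the thread). Everything happens inside a mktemp sandbox.
# Whether `.*` matches `.` and `..` depends on the shell: dash and older bash
# include them; bash 5.2 and later skip them by default (globskipdots).

# make_sandbox: prints the path of a fresh sandbox. parent/home stands in for a
# home directory full of dotfiles; parent/sentinel is a file one level above it.
make_sandbox() {
    sb=$(mktemp -d) || return 1
    mkdir -p "$sb/parent/home"
    for f in parent/sentinel parent/home/.emacs parent/home/.exrc \
             parent/home/..odd parent/home/visible; do
        : > "$sb/$f"
        chmod 644 "$sb/$f"
    done
    printf '%s\n' "$sb"
}

# naive_dot_glob DIR: prints what `.*` expands to inside DIR, one name per line.
naive_dot_glob() {
    ( cd "$1" || exit 1
      for f in .*; do printf '%s\n' "$f"; done )
}

# safe_dot_glob DIR: dotfiles only. `.[!.]*` covers names like .emacs,
# `..?*` covers names like ..odd; neither can match `.` or `..`.
safe_dot_glob() {
    ( cd "$1" || exit 1
      for f in .[!.]* ..?*; do
          [ -e "$f" ] || [ -L "$f" ] || continue   # unmatched pattern stays literal
          printf '%s\n' "$f"
      done )
}

# glob_reaches_parent DIR: succeeds if this shell's `.*` includes `.` or `..`,
# i.e. if a recursive command given `.*` would climb out of DIR.
glob_reaches_parent() {
    naive_dot_glob "$1" | grep -qxF -e . -e ..
}

# mode_of PATH: the 10-character mode string from ls (same on GNU and BSD).
mode_of() { ls -ld "$1" | cut -c1-10; }

# chmod_dotfiles_safe DIR: recursive chmod limited to DIR's own dotfiles.
chmod_dotfiles_safe() {
    ( cd "$1" || exit 1
      for f in .[!.]* ..?*; do
          [ -e "$f" ] || [ -L "$f" ] || continue
          chmod -R go-rwx "./$f"
      done )
}

demo() {
    sb=$(make_sandbox) || return 1
    home="$sb/parent/home"
    echo "naive .* expands to:";     naive_dot_glob "$home" | sed 's/^/  /'
    echo "safe pattern expands to:"; safe_dot_glob  "$home" | sed 's/^/  /'
    if glob_reaches_parent "$home"; then
        echo "this shell: .* includes . and .. (chmod -R would reach the parent)"
    else
        echo "this shell: .* skips . and .."
    fi
    chmod_dotfiles_safe "$home"
    echo "parent/sentinel after safe chmod: $(mode_of "$sb/parent/sentinel")"
    rm -rf "${sb:?}"
}
demo
```

Run it under both `sh` and `bash` on the same machine to see the difference in the naive expansion; the safe pattern gives the same result in either.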
Re:Here's one. (Score:3, Informative)
I don't have rpm installed, but I found a program that was only available as rpm. So I ran rpm2targz on it and then tar xvzf. It then extracted a whole bunch of files into a new usr folder in my current working directory, as I had forgotten to cd /. I was still root. So now to get rid of the directory I tried to type:
rm -r usr/
What I actually typed was this:
rm -r /usr
Oops!
Re:Here's one. (Score:1)
rm -rf
that should do it
...
why is the disk still churning
/me slaps forehead
.* matches
I have never logged in as root since, and I'm very careful with su
Re:Here's one. (Score:1)
Re:Here's one. (Score:3, Informative)
Re:Here's one. (Score:1)
rm ugly-pron. *
ARRRRRR! MY PRON! MY Beautiful PRON!
Re:Here's one. (Score:2, Informative)
Dude, you're using the wrong shell:
NB: this is zsh figuring out my typo, not 'rm' being annoying.
Re:Here's one. (Score:3, Funny)
You mean, that's zsh being annoying.
You don't log in as root in macosx (Score:4, Interesting)
One is just a user, the other is root. In previous versions (I haven't tested it lately) you could change the password of one but it wouldn't result in a password change of the other (which gave a lot of headaches).
Now if you log in you're the normal user, and you can't do anything really dangerous. You need su (which needs to be activated, it isn't possible by default) or sudo to do something as root. Also when you're doing an install that requires root the installer will ask for a super user.
In both cases you use your own username and password (if your user is created at startup). So if somebody sneaks behind my computer when I'm gone to do something else, they can't really do anything dangerous. They would still need a password!
You can make more users if you want without any rights (that's easy), but the system works better than it looks because you don't log in as root!
You can if you want to btw. The password of root is the same as the password of the user.
It does nail down the importance of good passwords which is something that a lot of macusers are new to.
Re:You don't log in as root in macosx (Score:2, Informative)
You can enable root through the netinfo config utility. It asks for a new root password.
Re:You don't log in as root in macosx (Score:4, Informative)
You can enable root through the netinfo config utility. It asks for a new root password.
Partially correct. root is created on install just like any other Unix, and is the owner of most files on the system initially. Just who knows what the password is. Netinfo lets you set a different password, but all it is is a pretty GUI for "sudo su; passwd root".
Re:You don't log in as root in macosx (Score:4, Insightful)
Um, no. This may have been true in pre-release versions, but in 10.0 and later, only your regular non-root account shows up in System Preferences. The root account doesn't have your name on it, and the encrypted password is set to "*" meaning logins are disabled altogether.
One is just a user, the other is root. In previous versions (I haven't tested it lately) you could change the password of one but it wouldn't result in a password change of the other (which gave a lot of headaches).
They are not the same account, so changing a user password will not change the root password, and vice-versa.
Now if you log in you're the normal user, and you can't do anything really dangerous. You need su (which needs to be activated, it isn't possible by default) or sudo to do something as root. Also when you're doing an install that requires root the installer will ask for a super user.
If you're an Administrator, you do have write access to the contents of
In both cases you use your own username and password (if your user is created at startup). So if somebody sneaks behind my computer when I'm gone to do something else, they can't really do anything dangerous. They would still need a password!
If you're doing something that actually requires root privileges, such as changing system settings or installing software, you must authenticate as an Administrator, even if you're already logged in as an Administrator. If you type "sudo tcsh", sudo will prompt you for your password. It's an excellent system.
You can make more users if you want without any rights (that's easy), but the system works better than it looks because you don't log in as root!
What?
You can if you want to btw. The password of root is the same as the password of the user.
As I said before, this is wrong. As I recall, the Public Beta set the root password to the same as the user password at install time; the final version didn't do this.
If you do want to enable root logins, there are three ways to do it:
A) open NetInfo Manager, click the padlock icon, authenticate, then select the Domain/Security/Enable Root User menu item
B) open NetInfo Manager, click the padlock icon, authenticate, browse to
C) open Terminal, type "sudo passwd", authenticate, and set a root password.
It does nail down the importance of good passwords which is something that a lot of macusers are new to.
I set my system to automatically log me in at boot time, so it doesn't nail down anything.
My stupid story (Score:1)
Anyways I was using the Gnome filemanager at the time and was logged in as root, and moved the
Re:My stupid story (Score:2)
Necessary for GUI users? (Score:3, Informative)
However, most Mac users couldn't use a command line if their life depended on it and probably don't even know that MacOSX has a command line.
The MacOSX user who's a classic mac user will probably never use the command line; if they have to rename a thousand files to add an extension or a prefix or whatever, they'll do it by hand, not by using a tcsh script.
So, the question is, how much damage can one do from the MacOSX GUI at root? I don't know. I have accounts on other ppl's MacOSX computer (namely, at my University) but have never been logged in as root.
Of course, not logging in as root doesn't only protect you from yourself. It also protects you from "trojan" install programs, which say they'll do one thing, and in fact delete the entire hard drive or something else like that.
Re:Necessary for GUI users? (Score:1)
Misconception of mac users (Score:1)
However, I think you have a misconception of "classic" mac users. I would argue that because in order to log in as root in the first place, the user had to go out of her way to enable root in netinfo, this implies a certain level of sophistication, or at least a desire to learn the ropes and gain a greater understanding of the system. The behavior could have been motivated by doing a lot of su commands that the user viewed as tedious and hence sought an alternative. Which implies command line use.
I think the important question is WHY on earth do these users find themselves requiring superuser privileges in the first place? It's probably because they want to tweak the system, which mac users are notorious for, so they may as well resign themselves to having to re-install the system at some point.
I think the problem lies in recommending root-running to others. The argument should be presented like this:
root is there as a layer of protection, to protect you from yourself, and to protect your system from things you might download that could do bad things to your system intentionally or not.
If you run as root, you lose that protection. Take it or leave it, but if you recommend that others also abandon the protection that root provides, please provide them with the courtesy of explaining root's purpose in protecting them from themselves.
Re:Necessary for GUI users? (Score:2)
Muck around in
CLIs are not the only way to get something done (Score:1)
Strike fear into their hearts! :D (Score:1)
Seriously though, a lot of the time when I'm running Linux, I'm in both using my normal account and my root account (though root is on a console and just running top). If there's danger even in that (other than killing the wrong processes), I'd love to hear about them -- better safe than sorry!
Same Q for Administrator with Windows XP Pro...? (Score:1)
Re:Same Q for Administrator with Windows XP Pro... (Score:1)
my only recommendation is MAKE SURE IIS IS NOT INSTALLED. script kiddies and horny teens can gain Administrator access without a password. (unless you're insane and actually want to USE it.)
The Mac OS X security story direct from Apple (Score:5, Interesting)
That said, Mac OS X has a root user, but root does not have a valid password on installation. The first user that is created via the setup assistant is what is known as an admin user. These are users who are members of the group "admin", a predefined group. Apple provides an API whereby a GUI application can ask for an admin user's password, and thus gain sudo-style privileges for actions such as installing software (which might need to put things in places that can only be touched by root). Also, the
In addition, admin users have access to the
Note that the
If a user were to log in as root, he or she would immediately gain write access to the
From the command line side of the house, admin users are allowed to do anything via the sudo command, which is preinstalled on Mac OS X. If you need root access, you can use sudo to do just about anything from the command line. If you really, really need a root shell, you can always do "sudo -s" and get one.
In summary: Mac OS X has the tools that you need to perform system administration tasks from either the GUI side or the command line side without needing to log in as root. Logging in as root is the equivalent of opening up a piece of machinery with the warning label, "No user serviceable parts inside", and you should not be surprised if you get hurt when you do this.
Paul Suh
psuh@apple.dontbotherspammingmeigetwaytoomuc
Note: on Mac OS X Server, root is enabled by default. This is considered less of an issue since it is expected that servers will be run by people who have a better understanding of the issues involved and are more likely to be doing things that need root access, even from the GUI level.
Re:The Mac OS X security story direct from Apple (Score:1)
I've never enabled root on my system, as I've heard a few warnings a while back, and I've never needed it. The only time I may have been tempted was when StuffIt Expander (the main archive decompressor for the Mac) was updated, and I didn't have permission to delete the old version that came with OS X. I ended up deleting it from 9.22. I do use my Admin account all the time. I tried a personal user account once to see if things would run faster, but there was no change, and a new account felt like a whole new machine to configure to my preferences.
Re:The Mac OS X security story direct from Apple (Score:1)
You could probably have handled this without being root, and w/o rebooting. In Terminal in an Admin account, do:
sudo rm -rf HideousStuffitDirectory
And as for moving your personal environment to a new account, you would get 99% of it by something like:
sudo ditto ~oldUser/Library ~newUser/Library
sudo chown -R newUser:newGroup ~newUser/Library
Really I can't see any reason not to do that for the entire home directory. Just lop off the "/Library" parts.
Re:The Mac OS X security story direct from Apple (Score:2)
...and pouring in a bag of marbles
...and putting the machinery in a paint shaker
Thanks for a lucid and enlightening post. It's going into my "I might need this to show a user someday" file.
All it takes is.... (Score:1)
Re:All it takes is.... (Score:1)
That's all the frickin' real world example you ever need. Thank god it was on a partition. But I lost my entire MP3-collection.
Bad karma will do that to you.
Re:All it takes is.... (Score:2)
The problem is, IMHO, the mere existence of root, as opposed to a more fine-grained approach - things would be much nicer if "may bind to a port <1024" wouldn't automatically imply "may rm -rf /". It's nice to see that some unixes seem to move in this direction, but, well, HURRY THE F*CK UP, developers! ;)
Something I was told. (Score:1)
Not a new problem (Score:3, Insightful)
I'll only tell you the anecdote salient to this article. He would, of course, only log in as root as the KDE rpm front-end wouldn't work when you're logged in as a regular user and he didn't want to figure out how to use the command-line rpm (I don't know if currently KDE does a sudo/su-type thing using the GUI, but it didn't back then - if you ran kfm as non-root, you couldn't use the RPM front-end).
At one point he could no longer log in. Problem? / was full. He was downloading all his stuff into /root (a one gig partition) and /home (20 gig partition) was completely empty. You could log in from console, but not from XDM since XDM creates files in /tmp upon login. He had no idea how to get from XDM to another virtual console, so he was effectively locked out of his machine.
My point? Give up. Don't worry about it. They will not learn why logging in as root is bad until they get burned. Especially since you're just a forum moderator - if you were getting paid to do this and your job depended on these machines staying up, you would have every responsibility to ensure people were properly following your policies; but, as a mere guru to these people, allow them to learn in the most effective fashion: trial by error.
Re:Not a new problem (Score:2)
Yes it does, and to give you an idea of how old your anecdote is, kfm was dropped in favor of Konqueror two major versions ago (since 2.x).
--
Evan
Re:Not a new problem (Score:1)
Please, actually work with these people before trying to tell me how it would be so easy to convert them to unix. It's completely different in a corporate environment than the home environment (and I don't see OS X being targeted at corporate environments, so we're talking about mom and pop and their home computer here). In a corporate environment, they have you to get the machine working and install new software, etc. You try to put unix in a mom-and-pop home environment, and you'll be inundated with phone calls. You'll fix something for them (which will require root privs) and then you'll get another phone call 20 minutes later.
Try installing a mozilla build without using a command line, logged in as a regular user. Sure, you just install it to your home directory, but how many people are going to figure out that they need to change the default value in the dialog box? After you've installed it to your home directory, how do you start it up? Well, maybe it installed an icon on your KDE/GNOME desktop, maybe not. Let's assume it has. Now, what if you're in Konqueror and you want to use the "Open using Mozilla" menu option. Do you think that will work? Nope. Mozilla is not in your PATH (and that is what the latest version of Konqueror uses - it just does an execvp). Do you walk your grandmother through editing her .bashrc using emacs?
These people don't know the difference between a slash and a backslash - you'll have difficulties telling them over the telephone exactly which characters to type in, one at a time. When I say "et-see are see dot dee init dot dee" you think "/etc/rc.d/init.d" but mom-and-pop thinks "WTF?" You'll then give up, go to their physical location, enable ssh, and fix everything remotely from then on.
I have a lot of patience - I regularly deal with intelligent non-computer people (I have a real job, you see) and I'm very good at explaining technical matters to non-technical people, but dealing with this audience is a completely different matter - you will become frustrated sooner or later. It's not really a matter of patience, but a matter of communication. When filesystem permissions and the simple relationship between users and groups doesn't make sense to someone, you simply don't have a common vocabulary to communicate expediently. They will log in as root no matter what you tell them. Ask yourself how many people are running Windows 2000/XP on their laptops and how many of those people bothered to create a non-Administrator account.
Re:Not a new problem (Score:2)
Didn't mean to imply that it wasn't relevant. I hold that *way* too many *nix apps break when they run out of disk space. Quite often in rather spectacular, data lossly ways, or in a quiet "I'll just throw this data away without ever alerting anybody" manner. Ditto for when the filesize exceeds the filesystem limit (less of a problem now, at least in Linux, but I hated that old damn 2GB limit).
--
Evan
Re:Not a new problem (Score:1)
Another thing I've noticed is that most good *nix programmers do indeed check for out-of-memory errors (eg, they always check return value of malloc), but their error handlers aren't all that great.
My usual way of dealing with out-of-memory is to propagate the error back up the call stack until someone really wants to deal with it. Most times, dealing with it just means printing an error and dumping core.
It may be that us *nix programmers are used to good virtual memory implementations where it's really hard to run out of memory, whereas the Windows/MacOS programmers have actually had to deal with these issues directly. Not sure.
Re:Not a new problem (Score:2)
I would add to this that you should reproduce for your readers some of the excellent advice already posted, but tell them to print out a hardcopy for themselves. Then, when they wreck their system, they can read what you posted and realize you were right.
Don't bother (Score:1)
Re:Don't bother (Score:1)
I was simply saying that people will likely learn from experience that logging in as root all the time is a bad idea and because of this there's no point in arguing with them. Let them make their mistakes and they will learn from them.
Also if you're using the gnu fileutils version of rm you might wish to read the info page on rm. Aliasing rm to rm -i won't help you one bit if you type rm -fr. I don't know about other rm versions.
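The interaction between an `rm -i` alias and a typed `-f` that the comment above points to, as an added example that is not part of the original thread. The function name and the scratch files are constructed for this demonstration, and everything runs inside a temporary directory.

```shell
#!/bin/sh
# Added demonstration: how option order decides whether "rm -i" protects you.
# Everything runs inside a throwaway mktemp directory (constructed sample data).

# survivors_after OPTS... : build a scratch tree, run "rm OPTS data" while
# answering "n" to every prompt, and print how many files are left.
survivors_after() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/data"
    touch "$sandbox/data/a.txt" "$sandbox/data/b.txt"
    # An alias rm='rm -i' only prepends -i, so typing "rm -fr data"
    # actually executes "rm -i -fr data". The later option wins.
    ( cd "$sandbox" && printf 'n\nn\nn\nn\n' | rm "$@" data >/dev/null 2>&1 ) || true
    left=$(find "$sandbox" -type f | wc -l | tr -d ' ')
    rm -rf -- "$sandbox"
    echo "$left"
}

echo "rm -i -r   (alias, prompts answered n): $(survivors_after -i -r) files left"
echo "rm -i -fr  (alias plus typed -fr):      $(survivors_after -i -fr) files left"
echo "rm -fr -i  (-i given last):             $(survivors_after -fr -i) files left"
```

The alias only helps when nothing after it on the command line says `-f`, which is exactly the case where a destructive command is being typed deliberately.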
Re:Don't bother (Score:2)
I hate it when some systems add this to the default .cshrc/bashrc/whateverc. IMO, relying on such an alias is asking for trouble. What happens if you're on another machine that doesn't have that aliased? What if the alias didn't take effect (something bad in your .cshrc caused it to stop parsing before that)? I've seen people use this alias to get into the habit of typing 'rm *' and just saying N to the files they wanted to keep. Bad idea.
The intentions are good, but I think if you're playing with fire (doing things as root), you should be forced to be absolutely careful and type everything out just as you really meant it.
hehe did this a long time ago: (Score:1)
mv
no command worked after that cause everything was dynamically linked.
Aqua skin for slashdot? (Score:2, Funny)
No root please (Score:1)
I think we all agree root itself is too dangerous to leave it on for more than a few minutes, even if you really know what you are doing. Even us windows weenies are trying to enforce this: my IT folks spent a week adding garbled (read: cannot memorize) local passwords for all our servers and for administration are using an obscure account with the proper permissions. It is impossible to guess by name that this account is a local administrator for all machines in our network.
For OS X and BSD I guess you should be able to do whatever you need without logging as root, that is what SU is used for.
#1 argument against being root (Score:1)
cd
rm -rf *
"OMG! where have all my files gone"
reply:
"PEBKAC"
All people need to do is enable root and then su or sudo if they absolutely have to. If they can't fix any problem they are having not being logged in as root, then they should go and read some books. Hopefully some Mac users who are new to the *nix world will get some benefit from O'Reilly's new "Learning Unix for Mac OS X" book. Not that there aren't plenty of other books that should teach them the lie of the land, but I have a feeling this one will be popular as it's focussed on OS X.
Who cares? (Score:1)
What does it matter if someone can wreck the entire installation? They could do it before in OS8 and lower. Why does it matter now?
Folks from a *NIX background, like a good portion of the
Do you really care if some random mac user wants to be able to trash their system? Do you?
my 1.5 cents (Score:1)
It's all about functionality and user experience. (Score:1)
My uptime on this workstation is 40 days and I have never been hacked (I don't run any firewalls, but a small network monitor). By the way, there exists a nice freeware portblocker at http://www.analogx.com/contents/download/network.
Now back to topic. Why can't users use root all the time? Every time I have to do changes on my Linux box I have to use a root-user, thus I use root almost every day. It sux, and I've started using root as my primary login. Ofcoz I could do a rm -R / * or similar, but guess what? I don't care!
It's all about functionality and user experience. Security people can just "stfu" coz they just disable the most used features at your computer.
In the end you have to respect users and their need to
a) learn about the computer by making mistakes
b) trust that the general hacker does not want to hack you unless he has a good reason
c) see in the real world how things seem to work, even if you did not protect it like a child in a baby buggy
Re:It's all about functionality and user experienc (Score:1)
Secondly, I log in to an NT workstation as an admin a lot too. But on NT, a lot of system stuff is hard to get to and accidentally delete. If I happen to be in the wrong path on a UNIX system and type 'rm -fr *' I could be in deep shit, but if I don't go around carelessly wielding a root UID, then I protect myself. It's a bit like keeping the safety on a rifle. It's just a good idea.
Why not root? (Score:1)
root is ok (Score:1)
on the other hand, the dangers of logging in as root are valid. personally, i log in as root all of the time because there isn't a single thing on my system that i couldn't fix if i needed to. for me, it's "cool" to be challenged to fix it, so as far as i am concerned, "bring on the hackers"...
in a production environment, it's obvious that perfect paranoia is the only way to go though.
It's funny... (Score:2)
Those of us who might not be able to responsibly handle using root as our primary login want to.
For the record, I have root enabled - but I rarely log in with it.
wrong question... (Score:2)
Perhaps you should lobby the companies these people work for to have their root (or admin) access removed
Have your grandmother try to read this thread... (Score:2, Insightful)
Re:Have your grandmother try to read this thread.. (Score:1)
Re:Have your grandmother try to read this thread.. (Score:2)
Have her read at -1 to never speak to you again...
Go Ahead and Root (Score:1)
rm -rf /* (Score:2)
After they have wiped out their system ask them if they know how to install the OS ;-)
It's sort of like NT: do you give all your users admin privileges or just the ones you trust?
Run Root only when you need it Command line GUI (Score:2)
1. Running as root is not forgiving of simple typos rm ~
2. Not running as root is one of the first lines of defence for protecting yourself from Viruses and Trojans. If you don't have access to mess up your system, good chances the file attachment you opened up will not have permission.
3. Programming as non-root is good, it could prevent you from accidentally messing up important files Say you open("file","w") except for a open("file","r") and say file was
4. Stops you from making a mess of your file system. Say you were in
5. You know when you are doing something that may cause problems. If you can't do it as your own account then do an sudo to run it, this makes you conscious that you may be doing something that may damage the system so you will be more alert.
6. Sometimes other people use your computer and they may not be as careful as you.
7. On multi-user systems it may make people feel uncomfortable if you use root all the time because they have no sense of privacy of their home directory. (This is a weak one but it's true)
8. It is a lot easier to crash the computer as root and running apps as root. You can't always trust other people's code
9. Logging in as root all the time increases the chance that someone snooping your network will find the root password and create real damage.
10. Some programs may give themselves a lower (nice) level and eat up your system resources.
In general, running as root needs you to be on edge whenever you do something, and the potential costs outweigh the benefits
rm -rf .. (Score:1)
Practical Reasons (Score:1)
Two good reasons together make ..... (Score:3, Insightful)
1) As root you have the ability to not only do damage to your own user files...but you have the ability to damage/destroy the whole system. Being a user on a UnixOS is one of its beauties. No matter how bad you screw up as a user, it's only your files...the system will still be there.
2)OSX runs a number of Microsoft Applications....i.e. the Office Suite, and Outlook...which are notoriously prone to security problems.(albeit, quite a bit less on Mac)
Mix those two reasons and you get something like Windows, where one script sent by email, clicked on by an
So, just don't do it. There is so little a regular user needs root for...and for that Apple has provided sudo....built in from the start.
Dimes
Accountability, least privilege, limiting impact (Score:2, Informative)
In my analysis, there are three reasons.
Why root? (Score:2, Informative)
z(p)
why does everybody cite rm -rf? (Score:2)
I understand that you can accidentally delete every file on your hard drive, but it's not as easy to accidentally do as so many people claim. You have to want to recursively delete all the files at a certain point in your directory tree - I personally never use rm -r and most people who don't understand the trouble with root wouldn't even know how to use the command. They're much less likely to type it in, and then even less likely to type it in when their pwd is '/'.
I think that the classic example also downplays the dangers of typing in 'rm -rf ~/' - back when I did helpdesk work I had many more reports of people erasing their personal files than system files. It's much worse in my opinion to lose all your personal files than to lose important operating system files because they can't be replaced as easily (and these people almost never make backups). These were Windows 3.1 and 95 machines usually, so there was not much stopping them from deleting crucial files except their lack of knowledge. And all they would have had to type is "deltree c:\windows" or "del /y c:\windows\*.*" from any command prompt.
So my point is that home users logging in as root is bad practice, but not likely to cause any problems that couldn't easily happen on most Windows systems (since XP creates passwordless administrator accounts by default I am including it in this category). If an OS X user (or desktop linux user for that matter) logs in as root all the time, and then one day royally screws up his/her system, he/she will probably be able to reinstall, or find somebody to reinstall, the system files that only root can destroy. The personal files, those which the user could have destroyed without root, will be deleted either way:
So the lesson is: don't log in as root unless you know how to reinstall the OS.
i'm the user Pudge is talking about (Score:2)
One fateful night, i was, yet again, doing some printing for her (the printer's upstairs where my machine and the printer is) from her TiBook, and so i logged in as me on her TiBook to print her stuff...
well, i couldn't get into her subdir... so i tried batchmod - and that doesn't (apparently) have a -R on it, so then i went to the CLI to
sudo chmod -R 777
fine.
the GUI STILL wouldn't let me into her subdir until i rebooted the Finder... damnit.
then, later on that night, when she went to work on one of the files later, it turned out that when i had opened one up and made some changes for her, it changed the owner to adminboy - and hotchick couldn't open the files any more...
arrrrgggh!!!! Its my fscking computer, and i want me or my wife to be able to read/write either/or's files to our heart's content. This includes ~/pictures (where things _have_ to be for iPhoto) and other "predetermined" subdirectories.
i even went so far as to repartition the machine with a 18 gig primary drive, and a 2 gig hotchick_HD so that i could turn off file permissions..
of course.. that check box doesn't ACTUALLY work - because not a day later - after the fresh install and all - all her stuff is on the 2 gig part - and when i made some changes, she wasn't able to open those files later.
so - if i have 2, and only 2, users on a machine that want to have separate logins (login-time differences, like desktops, Dock position, etc) but we want complete control of each other's files on the machine..
i don't want it when i edit a Word file for her that it makes it "read only" when she logs in later to work on the file.
so - that was, in a rage after the 100th time she came to me complaining that the computer wouldn't do what WE wanted it to do... in Pudge's conference..
:FOR THE LOVE OF GOD, I'M JUST GOING TO LOGIN AS ROOT FROM NOW ON, DAMNIT!
i didn't mean it.. but my quandary - non-system files being universally unprotected for all users to see and use - and how to get there in a very Mac OS 9-like way.... is still unresolved.
Um, its the other way around... (Score:1, Offtopic)
Those pretty bar graphs indicated the time spent getting the job done. That means that the taller one labeled Mac on each of them means the Mac took longer. Generally that means the Mac loses to the Athlon.
besides, it's all offtopic anyway :)
Re:Um, its the other way around... (Score:2)
Re:Why (we) do it ;-) (Score:1)
Bah. Any GUI that can provide everything that *I* need to get done is going to be unwieldy, at best. The GUI cannot perceive of everything that I might need to do. It's simply not possible. And if you call that a failure of the OS, then the very concept of GUIs is fundamentally flawed. The GUI should be as complete as possible/reasonable, but it cannot ever cover every need of the user.
Re:stupid newbie question (Score:2, Informative)
Sudo lets you run commands as root without actually running your shell or whatnot under root - when the program is finished, so is your root access and you can't foof the system by accidentally doing rm -Rf / or something.