The Autobiography of Russell
Life from a different perspective
zimzat
Fear Me, For I Am root.
I'm getting tired of a majority of the Slashdot crowd.

In a recent post on Slashdot titled "Michael Robertson Says Root is Safe", the CEO of Linspire gave an interview to HEXUS.net. In the interview, he says running as root is not as unsecure as everyone makes it out to be.

Michael: I think, like everything, it's a question of balance. Ease of use, versus security. I defy anybody to tell me why is it more secure to not run as root. Nobody really has a good answer. They say "oh, yeah, it is!", but it really isn't. Here's why: What's the most important thing on your desktop? It's the data. If someone gets access to your libraries or whatever, who cares? Your data is the most precious thing on your computer. And whether you log in as root or log in as user, you have access to that data, technically anyone who's compromising your account has access to your data as well.

Michael: Then you could say "Well, it's not really about your data, it's that people could accidentally mess things up!". Well, you could accidentally drive into a wall as well, it doesn't mean we should make all cars drive at 10 miles an hour. So, I don't see the added benefit. I DO see it's an added pain in the ass when grandma tries to change her wallpaper, and it tells her "you don't have root privileges". What are you talking about, man? I'm just trying to use my computer, or change the clock, or any one of a hundred other things. So, people always say "it's less secure", but I defy anyone to point out a single instance, and people all go "Well, I, erm, it's theoretical!". There's no one area I think you can point out where a machine that's run with the root user could be compromised. It couldn't be.

Michael: I know the hardcore geeks feel differently, that's fine. When somebody installs Linspire, we say "do you want to set up users, yes or no", we give them the choice, right there when they start up for the first time. If they want to set up multiple users, they're welcome to do that, but we don't force them to. That's the difference we have.


In the comments on Slashdot for the above article, virtually everyone was going out of their way to prove why running as root is a bad thing. All of the arguments included protecting other users, but there are no other users on my system. I'm not a server, nor are there any national security documents on my computer to worry about. On my computer there is only one user: me (root). For my case, the guy is absolutely correct. If I were to run as a user, anyone who got into my system would still have all the access they want to my data.

There was one post that mentioned a "rootkit" which would allow someone to basically spy on you undetected. This might be one reason to consider running as a user, however I can imagine at least as many ways to make a "userkit" such that for single-user systems, that's a moot point.

The best part of my 'security' is that I'm always invariably behind a router, so no one actually has direct access to sniff out my computer and start attacking it.

The geeks, nerds, and linux 'wizards' may cry all they want, but the extra effort it would take to enter my root password every time I make a change that isn't exactly orthodox isn't worth it to me. Just yesterday I was editing the firefox shell script so it wouldn't open URLs from the system and other applications in new windows. The day before I was making a symbolic link down in /usr for compatibility with an application when I was in FC2 and it installed the binary in some /usr/local/software folder instead of /usr/bin.

Current Mood: annoyed
Current Music: "Hold Me" by Savage Garden

Comments
From: raist_ Date: April 19th, 2005 02:36 pm (UTC)
People don't care about your data, for the most part.

What they want is unrestricted access to a machine that is most definitely not theirs. For example, using the buffer overflow tactic on most programs is only truly godlike when the program uses a certain little function called setuid root. It's the root access that people want; not some joe-poe user account. (For the most part)

It's your box. It's your loss. The router won't save you, just so you know.
From: zimzat Date: April 19th, 2005 03:42 pm (UTC)
Oh, I know the router won't save me, but it certainly causes me enough headache with simple file transfers and P2P programs.

With as much as I would have to type my root password in, it would only be a matter of time before they got a keylogger-type program running from my "joe-poe" user account and saw it.

I know it's not 'uncompromisable', but as the guy put it, ease of use vs security.

But, yeah. Anyway.
From: raist_ Date: April 19th, 2005 04:48 pm (UTC)
Ah, but in most cases, in order to install said keylogger program, you quite often have to be root to install it.

And if you're running as joe-poe, it's much harder to do so.

In other news, I had a friend a few years back who always ran as root cuz he hated su whenever he had to do something. He got hacked.

The few times I ran X as root, it ended up bonking my whole machine. Since then, I've decided to play it a bit safer. Lost several years of mp3 collecting (Back before all these nifty P2P programs had come out; pre Napster) as a result.
From: zimzat Date: April 19th, 2005 09:39 pm (UTC)
I've seen programs that tailor themselves to be installed and run without any access to root. I see no reason a keylogger (or any other program, for that matter) couldn't do the exact same, and more.

I hear that Fedora Core 4 will be coming out some time soon. If I upgrade (not that I don't already have all of the versions of software it has) I'll consider using a user account.

So far I haven't had a problem running [X] as root, and it's been over half a year now.
From: swanhart Date: April 19th, 2005 06:20 pm (UTC)
I realise that from a convenience factor, running as root is much easier than not running from root.

The idea is that your system is more safe for everybody else, because it is much less likely to be compromised and used as a zombie in some distributed spam or DDoS attack.

Coming from an environment that had to survive multi-gigabit DDoS attacks, I think that anything that lessens the number of zombies out there is a good thing.