[NCLUG] Why not Root?

John L. Bass jbass at dmsd.com
Sat Mar 17 19:35:53 MDT 2007 

Chad Perrin <perrin at apotheon.com> writes:
> John Bass writes:
> And, arguements which claim ROOT logins are somehow unsafe for a typical
> desktop personal use machine based on security/exploits, equally flawed.

Did you even read what I said?

yeah ... an absolutely flawed arguement about how unsafe it is to run
as root:

	From: Chad Perrin <perrin at apotheon.com> writes:
	On Sat, Mar 17, 2007 at 12:49:51PM -0600, David Braley wrote:
	> 
	> Is there a security reason for not logging in as root? Is the machine
	> somehow less secure when someone is logged in as root?

	I'll demonstrate the potential security issues via an example.

	Assume you log in as root.

	Now assume you run an IRC client, and connect to a channel at freenode.

	Now assume someone there notices your IRC client is Xchat.

	Assume that person knows of an arbitrary remote code execution exploit
	for Xchat.

	Your system has just been rooted.

	This is an extreme example.  Other, very different, examples are
	similarly possible (and similarly extreme).

	It's just a good idea to run as something other than root most of the
	time.  Similarly, it's a good idea to ensure that your user account
	doesn't have complete administrative access via sudo, so that
	compromising the normal user account doesn't give the person unfettered
	access to your system via sudo.

You make a clear (FALSE) arguement about getting "rooted" because of
being logged in SUSER, when the exact same case you state will get you
clearly compromised so that ALL your non-root files are compromised, which
for a personal machine, is everything that is important.

So your assertion is that you are somehow "Safe" or "Safer" by running
non-root .... which is a farse at best, as your example still leave the
machine compromised, and doesn't address the safety issues of root/non-root
you are trying to make a case for.

Getting "rooted", as compared with simply compromised, is nearly insignficant
for a personal machine -- your data is compromised, and full network access
is available for trogans bots, spam servers, and porn P2P servers.

Please explain just what I missed that was important about your flawed
argument, that I did carefully read.

John

More information about the NCLUG mailing list