Latest KDE disables graphical login as root?
Is this true that the latest version of KDE disables logging in via the graphical interface as root? If yes, 1. why has this been done? 2. how do I circumvent this? -- Shriramana Sharma http://samvit.org
Am Mittwoch, 10. August 2005 17:33 schrieb Shriramana Sharma:
Is this true that the latest version of KDE disables logging in via the graphical interface as root?
If yes,
1. why has this been done?
Because it's a incredibly huge security risk and there is absolutely no single real reason why you would need to do this.
2. how do I circumvent this?
I don't know a solution by heart, sorry. But I'd rather help you to give up doing graphical login's as root. Tell me why you thing you might need that and I'll try to give you a hint how to do that w/o logging in as root.
--
Shriramana Sharma http://samvit.org
Best, Daniel
Hallo und vielen Dank! Daniel Eckl wrote:
Because it's a incredibly huge security risk and there is absolutely no single real reason why you would need to do this.
What's the security risk in logging into root via graphics that does not exist when logging into root via text?
Tell me why you thing you might need that and I'll try to give you a hint how to do that w/o logging in as root.
Well, how about all the functions in YaST? I've been using the Bootloader Config and the Partition Manager functions quite a lot. And I'm still not into navigating the file system on Linux via Konsole (or any terminal). Tell me, please, the equivalent commands for the following DOS/Windows shell commands: dir type md cd rd del copy edit cd.. d: (an off-the-head sample, more may follow). -- Shriramana Sharma http://samvit.org
Shriramana Sharma wrote:
Hallo und vielen Dank!
Daniel Eckl wrote:
Because it's a incredibly huge security risk and there is absolutely no single real reason why you would need to do this.
What's the security risk in logging into root via graphics that does not exist when logging into root via text?
Tell me why you thing you might need that and I'll try to give you a hint how to do that w/o logging in as root.
Well, how about all the functions in YaST? I've been using the Bootloader Config and the Partition Manager functions quite a lot.
And I'm still not into navigating the file system on Linux via Konsole (or any terminal). Tell me, please, the equivalent commands for the following DOS/Windows shell commands:
dir type md cd rd del copy edit cd.. d:
(an off-the-head sample, more may follow).
dir = ls type = cat md = mkdir cd = cd rd = rmdir (for empty directories) del = rm copy = cp edit = vi cd.. = cd .. (put a space between the 'cd' and the '..') d: = depends on how it was mounted, if it is a Windows drive it may be: cd /windows/C if it is a CD-ROM, you will need to mount it, and access it from wherever you mount it to, such as: cd /mnt/cdrom James W
Thanks but you didn't answer this:
What's the security risk in logging into root via graphics that does not exist when logging into root via text?
Tell me why you thing you might need that and I'll try to give you a hint how to do that w/o logging in as root.
Well, how about all the functions in YaST? I've been using the Bootloader Config and the Partition Manager functions quite a lot.
And how do I do this under a text terminal?
type = cat
Does "cat" output the text of a file to the screen? -- Shriramana Sharma http://samvit.org
Shriramana Sharma wrote:
And how do I do this under a text terminal?
type = cat
Does "cat" output the text of a file to the screen?
yes. Typing: cat textfile.txt will print to screen the contents of the file textfile.txt James W
Hi Shriramana,
And how do I do this under a text terminal?
... you know how to use a keyboard?
Does "cat" output the text of a file to the screen?
... cat copies stdin to stdout or one or more files to stdout. For more information read the man page: man cat It's just that easy. -- cul8er Paul paul.foerster@gmx.net
Hi! The security risks are: 1. When you surf the web to download the new software, you could possibly get attacked by malicious web sites. The malicious code would then be executed with root priviledges and can do anything it likes. 2. Graphical applications are way more complicated and so there is a higher chance that they could contain bugs. KDE is running a whole bunch of many high complex applications which are running in foreground or in background. Every bug of these applications running as root is able to do anything to your system what it likes. A handful of bytes written in the first few sectors of your harddisk and your partition table is broken and all your data is lost. 3. With a graphical user interface it's very easy to delete unwanted files. You mark some files with Ctrl, not seeing that some others were already marked, and deletion could erase unwanted files, too. As root, these files could be / or /etc or /data or /home or anything else, rendering your system completely useless and you have a loss of all you data in just a second. This is a very short list. This list could easily contain more that 50 entries if I would have time to think longer. So you are asking for all this commands in linux. If you are not that attracted to the command line, then why would you do that on the command line? All your files in your home directory can be managed with konqueror. What exactly do you want to do outside of that directory? If you tell me _exactly_ what you want to do, I'll try to tell you the linux way to do this. Best, Daniel Am Mittwoch, 10. August 2005 18:43 schrieb Shriramana Sharma:
Hallo und vielen Dank!
Daniel Eckl wrote:
Because it's a incredibly huge security risk and there is absolutely no single real reason why you would need to do this.
What's the security risk in logging into root via graphics that does not exist when logging into root via text?
Tell me why you thing you might need that and I'll try to give you a hint how to do that w/o logging in as root.
Well, how about all the functions in YaST? I've been using the Bootloader Config and the Partition Manager functions quite a lot.
And I'm still not into navigating the file system on Linux via Konsole (or any terminal). Tell me, please, the equivalent commands for the following DOS/Windows shell commands:
dir type md cd rd del copy edit cd.. d:
(an off-the-head sample, more may follow).
--
Shriramana Sharma http://samvit.org
1. When you surf the web to download the new software, you could possibly get attacked by malicious web sites. The malicious code would then be executed with root priviledges and can do anything it likes.
Well okay, I'll explain one thing. I'm not sasying that I want to login as root for stuff like browsing the web. That's stupid, yeah, like Fred Miller wrote and for the reasons you have outlined. I only want to login graphically as root for running stuff like YaST Boot Loader Config, Partitioner etc.
2. Graphical applications are way more complicated and so there is a higher chance that they could contain bugs. KDE is running a whole bunch of many high complex applications which are running in foreground or in background. Every bug of these applications running as root is able to do anything to your system what it likes. A handful of bytes written in the first few sectors of your harddisk and your partition table is broken and all your data is lost.
Right. So get in, do what you need to do real quick, and get out. Is that it? So somebody tell me how I exit from an X Windows Session to a pure text session.
3. With a graphical user interface it's very easy to delete unwanted files.
Precisely. I needed this too, but recognize the issues you warn me of.
So you are asking for all this commands in linux. If you are not that attracted to the command line, then why would you do that on the command line?
Well, James offered to teach me how to do these things on the command line. In fact, I'm a keyboard guy, not a mouse guy. So I'm okay with doing stuff on Konsole, so long as I know the commands and stuff. Sometimes it's faster too, but I need to get experienced. This is the first time I'm running a real working Linux system, and staying with it for so long.
All your files in your home directory can be managed with konqueror. What exactly do you want to do outside of that directory? If you tell me _exactly_ what you want to do, I'll try to tell you the linux way to do this.
I need to delete a directory called floppy_1 under /media. BTW whenever I hit reply, it by default goes to the sender. Isn't there a way I can make it to default to the list? I'm using SeaMonkey Mail on Win XP (for now - I still haven't configged my ADSL USB Modem on SuSE 9_3.) Thanks, -- Shriramana Sharma http://samvit.org
Hi Shriramana,
So somebody tell me how I exit from an X Windows Session to a pure text session.
... what should that be good for if you can do anything within a normal terminal window?
Well, James offered to teach me how to do these things on the command line. In fact, I'm a keyboard guy, not a mouse guy. So I'm okay with doing stuff on Konsole, so long as I know the commands and stuff. Sometimes it's faster too, but I need to get experienced. This is the first time I'm running a real working Linux system, and staying with it for so long.
... if you're not a mouse-guy then why do you want to use that rat in the first place?
I need to delete a directory called floppy_1 under /media.
... open a terminal window and do this: su cd /media rm -rf floppy_1 I for one can do this faster with a shell than with something clickable. Tip: Learn how to use bash's "tab" name extension feature. You'll live it
BTW whenever I hit reply, it by default goes to the sender. Isn't there a way I can make it to default to the list? I'm using SeaMonkey Mail on Win XP (for now - I still haven't configged my ADSL USB Modem on SuSE 9_3.)
... that's easy: First drop XP. ;-) Then, always hit "reply all", remove the original sender from the "To:" field and move the list's address from the "CC:" field to the "To:" field. Do that with every answer and make it go to the list. It's not that hard to use a computer, isn't it? -- cul8er Paul paul.foerster@gmx.net
On Wed, 10 Aug 2005 21:58:18 +0200
Paul Foerster
there a way I can make it to default to the list? I'm using SeaMonkey Mail on Win XP (for now - I still haven't configged my ADSL USB Modem on SuSE 9_3.)
Then, always hit "reply all", remove the original sender from the "To:" field and move the list's address from the "CC:" field to the "To:" field. Do that with every answer and make it go to the list. It's not that hard to use a computer, isn't it?
Any good mailer should have the "list reply" function. So that the reply goes to the mailinglist, if appropriate headers are set by the mailing list software (which is the case for all lists I'm subscribed to). A'Reply-to' header spoils this behaviour. I can see that it makes sense, if the'From' and the'Reply-to' are different. But why use this if both are the same? It makes no difference when somebody hits the reply to button. Just my 2 cents... Ingo -- Ingo Strauch ---- Registered Linux User #227900 (http://counter.li.org/) GPG Key Fingerprint = DEC8 1B12 9573 6BE7 7A99 C33F 809C 8C2C 772E 66A1 http://www.the-one-brack.org/
Hi Ingo,
Any good mailer should have the "list reply" function. So that the reply goes to the mailinglist, if appropriate headers are set by the mailing list software (which is the case for all lists I'm subscribed to).
A'Reply-to' header spoils this behaviour. I can see that it makes sense, if the'From' and the'Reply-to' are different. But why use this if both are the same? It makes no difference when somebody hits the reply to button.
... I see your point which is a perfectly valid argument. I for one use Apple Mail on Mac OS X which does not have a reply-to-list functionality. And there may be some other people in the list who don't use Thunderbird or the like. Some people access SuSE lists using Outlook on winblows. One can easily spot those guys when they go on vacation, enable that darn out-of-office reply and the list gest spammed with that crap. :-( So, I didn't want to argue about the philosophical aspect. All I wanted was to describe a way to get it done with _any_ mail client, no matter if it has a reply-to-list function or not. With Apple Mail, that makes 2 clicks, one hit on the delete key and another very small drag-n-drop. I know, Thunderbird is available on Mac OS X too but I still prefer Apple Mail for a couple of other reasons. -- cul8er Paul paul.foerster@gmx.net
Ingo Strauch wrote:
Any good mailer should have the "list reply" function.
I wonder whether this function exists in SeaMonkey or Thunderbird? (I'll ask around at MozillaZine...)
So that the reply goes to the mailinglist, if appropriate headers are set by the mailing list software (which is the case for all lists I'm subscribed to).
Which includes this one, I presume. -- Shriramana Sharma http://samvit.org
On Thu, 2005-08-11 at 07:52 +0530, Shriramana Sharma wrote:
Ingo Strauch wrote:
Any good mailer should have the "list reply" function.
I wonder whether this function exists in SeaMonkey or Thunderbird? (I'll ask around at MozillaZine...)
So that the reply goes to the mailinglist, if appropriate headers are set by the mailing list software (which is the case for all lists I'm subscribed to).
Which includes this one, I presume.
You may want to have a look at Forte Free Agent. It's a windows app that does run on my system under wine. It's e-mail threading capabilities are fantastic, and it handles news groups with that same ease well. Mike
On Wednesday 10 August 2005 19:46, Shriramana Sharma wrote:
1. When you surf the web to download the new software, you could possibly get attacked by malicious web sites. The malicious code would then be executed with root priviledges and can do anything it likes.
Well okay, I'll explain one thing. I'm not sasying that I want to login as root for stuff like browsing the web. That's stupid, yeah, like Fred Miller wrote and for the reasons you have outlined. I only want to login graphically as root for running stuff like YaST Boot Loader Config, Partitioner etc.
You do not need to login as root to use YaST. It will ask for the root password when you launch from the K menu (the green blob in SuSE) under System as a regular user.
2. Graphical applications are way more complicated and so there is a higher chance that they could contain bugs. KDE is running a whole bunch of many high complex applications which are running in foreground or in background. Every bug of these applications running as root is able to do anything to your system what it likes. A handful of bytes written in the first few sectors of your harddisk and your partition table is broken and all your data is lost.
Right. So get in, do what you need to do real quick, and get out. Is that it?
So somebody tell me how I exit from an X Windows Session to a pure text session.
In the same System menu there is also a superuser terminal entry as well. Although I would avoid the cmd line until you are competent with it as a regular user. If you're still unhappy (why?!?) use Ctrl-Alt-F1 through F6 for true text console, and Ctrl-Alt-F7 to return to the GUI.
3. With a graphical user interface it's very easy to delete unwanted files.
Precisely. I needed this too, but recognize the issues you warn me of.
Again, in the same System menu there is a superuser file manager entry as well. So you can erase files that you do not have appropriate permissions for. This is all on 9.3 BTW. Not sure what is available on previous versions. -- Steve Boddy
Thanks Ian and Stephen.
regular user. If you're still unhappy (why?!?) use Ctrl-Alt-F1 through F6 for true text console, and Ctrl-Alt-F7 to return to the GUI.
So what is the diff betn F1, F2 etc? Different userlevels? (What are those userlevels?) -- Shriramana Sharma http://samvit.org
No, theyare just more of them. tty1 (Ctrl-Alt-F1) is somewhat special, because it doesn't get reset (cleared) after logging out again. But as long as you can fire up konsole and type "su" or "sux", you do not need them. Best, Daniel Am Donnerstag, 11. August 2005 04:24 schrieb Shriramana Sharma:
Thanks Ian and Stephen.
regular user. If you're still unhappy (why?!?) use Ctrl-Alt-F1 through F6 for true text console, and Ctrl-Alt-F7 to return to the GUI.
So what is the diff betn F1, F2 etc? Different userlevels? (What are those userlevels?)
--
Shriramana Sharma http://samvit.org
On Wednesday 10 Aug 2005 19:46, Shriramana Sharma wrote:
So somebody tell me how I exit from an X Windows Session to a pure text session.
The easy way for a temporary session is to press CTRL ALT F4 and that will give you a login prompt in text mode, CTRL ALT F7 takes you back to your graphical session.
On Wednesday 10 August 2005 2:46 pm, Shriramana Sharma wrote:
1. When you surf the web to download the new software, you could possibly get attacked by malicious web sites. The malicious code would then be executed with root priviledges and can do anything it likes.
Well okay, I'll explain one thing. I'm not sasying that I want to login as root for stuff like browsing the web. That's stupid, yeah, like Fred Miller wrote and for the reasons you have outlined. I only want to login graphically as root for running stuff like YaST Boot Loader Config, Partitioner etc.
You DON'T need to do that. Use Yast as a user, and give the root password. Fred -- Planet Earth - a subsidiary of Microsoft. We have no bugs in our software, Never! We do have undocumented added features, that you will find amusing, at no added cost to you, at this time.
On Wednesday 10 August 2005 11:33 am, Shriramana Sharma wrote:
Is this true that the latest version of KDE disables logging in via the graphical interface as root?
If yes,
1. why has this been done? 2. how do I circumvent this?
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE. Fred -- Planet Earth - a subsidiary of Microsoft. We have no bugs in our software, Never! We do have undocumented added features, that you will find amusing, at no added cost to you, at this time.
Fred A. Miller wrote:
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE.
Um, thanks, but how does this help me to login graphically as root using KDE? -- Shriramana Sharma http://samvit.org
On Wednesday 10 August 2005 12:44 pm, Shriramana Sharma wrote:
Fred A. Miller wrote:
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE.
Um, thanks, but how does this help me to login graphically as root using KDE?
Why do you want to do something that stupid, and then maybe I'll tell you?! Root services are available while as a user, you DON'T need to login as root. Fred -- Planet Earth - a subsidiary of Microsoft. We have no bugs in our software, Never! We do have undocumented added features, that you will find amusing, at no added cost to you, at this time.
Fred A. Miller wrote:
Um, thanks, but how does this help me to login graphically as root using KDE?
Why do you want to do something that stupid, and then maybe I'll tell you?!
Will someone please explain WHY logging in graphically to root is stupid, and logging in textually to root is NOT stupid?
Root services are available while as a user, you DON'T need to login as root.
Yeah okay. I loadup Konqueror while logged into my user account. I browse to /etc and right-click fstab and say: "Open using Kate". Presto! Kate opens it but says it's readonly. Konqueror was opened in root mode. Not Kate. And I don't have a KDE Menu Item that says "Open Kate in SU Mode" like I have "Open Konqueror in SU mode" or "Open Konsole in SU Mode". -- Shriramana Sharma http://samvit.org
Shriramana Sharma wrote:
Fred A. Miller wrote:
Um, thanks, but how does this help me to login graphically as root using KDE?
Why do you want to do something that stupid, and then maybe I'll tell you?!
Will someone please explain WHY logging in graphically to root is stupid, and logging in textually to root is NOT stupid?
Root services are available while as a user, you DON'T need to login as root.
Yeah okay. I loadup Konqueror while logged into my user account. I browse to /etc and right-click fstab and say: "Open using Kate". Presto! Kate opens it but says it's readonly. Konqueror was opened in root mode. Not Kate. And I don't have a KDE Menu Item that says "Open Kate in SU Mode" like I have "Open Konqueror in SU mode" or "Open Konsole in SU Mode".
I don't know that I would say it is stupid, there are occassions when it is nice (like installing a bunch of Oracle software that uses a graphical installer). However, it is dangerous to login as root graphically because logging in takes time graphically and if you log in as one user, it takes time to go to another user. That is one of my biggest complaints about newer versions of windows. There is no easy way to work as administrator except to put yourself in the admin group. Then you have access to what you need when you need it. However, anything that runs as you is running as an admin (like your web browser and email client). I login to my Linux and Unix systems as myself and use su or sux to get root privileges when needed. This seems to make more sense to me as nothing runs without elevated privileges unless I specifically ask for them. Now as to browsing your file system. If you open Konqueror in SU mode, then have it open a file in Kate, that should also be in SU mode. That should eliminate the need for any need for an "Open Kate in SU Mode" menu entry. If windows worked this way, then everyone wouldn't be running as admin and we wouldn't have so many different problems with machines on the internet.
Hi Shriramana,
Will someone please explain WHY logging in graphically to root is stupid, and logging in textually to root is NOT stupid?
... sorry if this sounds tough, tho it is surely not intended to, but I have to absolutely agree with Daniel Eckl. There is no single f**king reason on earth why one should log into KDE or any other GUI as root. It's not only that you can accidentally delete files and such things as others already pointed out but the actual very important reason is another: If you start X11 with root privileges, it has the freedom to do whatever it wants! X11 runs a number of (networked) services like remote displays and such things. These networked services are per definition subject to external attacks from hackers, script kiddies or whatever. A service that under normal conditions runs on user level will never be able to compromise the complete system because it simply does not have access rights. If you start X11 as root, which is what you're doing when logging in as root into a GUI then these services will run with root privileges too, leaving the complete system open to anyone hacking one single darn service! This might seem unimportant to you, but believe me, logging into KDE as root is just as darn stupid as can possibly be! So it's a big NO-NO! And this is also the reason why SuSE/Novell will or maybe even has already (I didn't try, why should I?) shut this functionality off. Nothing personal here, but it's people like you, who do not know or understand why logging into KDE as root has serious security implications who definitely need it disabled! People who don't need it disabled won't login as root anyway. You will never find me logged in as root other than in a terminal window. I can do anything there, including graphical stuff. This is not meant to be an insult but rather an explanation. Hope you got it.
Yeah okay. I loadup Konqueror while logged into my user account. I browse to /etc and right-click fstab and say: "Open using Kate". Presto! Kate opens it but says it's readonly. Konqueror was opened in root mode. Not Kate. And I don't have a KDE Menu Item that says "Open Kate in SU Mode" like I have "Open Konqueror in SU mode" or "Open Konsole in SU Mode".
... you've already been named the commands: "kdesu konkeror", "kdesu yast2", "kdesu kedit",... You can also open a shell window, do "sux -" once and then start "konkeror", "yast2" or whatever program that needs root privileges and GUI functionality from there. To start more than one GUI program simultaneously either add an ampersand at the end, ie. "yast2 &" or, if it's already running, put it in the background by activating the shell window, hitting ctrl-z and then entering the command "bg". -- cul8er Paul paul.foerster@gmail.com
On Wed, 10 Aug 2005 21:52:04 +0200
Paul Foerster
Nothing personal here, but it's people like you, who do not know or understand why logging into KDE as root has serious security implications who definitely need it disabled! People who don't need it disabled won't login as root anyway.
It's just a guess but I think the people who move from Windows to Linux because of the security problems with worms, dialers, spyware etc. (and I've seen several state this as their reason) will get into the same problems if they don't change their ways of operating the PC. It's not directed at the original poster, more a general comment. Linux (any Unix like system for that matter) makes it very easy to NOT run the entire session as administrator. To NOT have dozens of services listening to all present net devices. To NOT be as vulnerable as possible when using the default configuration of your browser/mailer. If you just switch over but then work as root all the time, don't disable the services you don't need, don't install security patches and disable any security settings of the programs you use regularly in order to keep your "windows habits", you didn't gain anything in my opinion. And even if it might be hard to work as normal user under Windows or to disable all that services that listen for incoming connections, this doesn't mean that it has to be hard doing this on linux. In fact it's easy, you only need to find out how to do it once. And it's pretty comfortable as well. Cheers, Ingo -- Ingo Strauch ---- Registered Linux User #227900 (http://counter.li.org/) GPG Key Fingerprint = DEC8 1B12 9573 6BE7 7A99 C33F 809C 8C2C 772E 66A1 http://www.the-one-brack.org/
Hi Ingo,
It's just a guess but I think the people who move from Windows to Linux because of the security problems with worms, dialers, spyware etc. (and I've seen several state this as their reason) will get into the same problems if they don't change their ways of operating the PC. It's not directed at the original poster, more a general comment.
Linux (any Unix like system for that matter) makes it very easy to NOT run the entire session as administrator. To NOT have dozens of services listening to all present net devices. To NOT be as vulnerable as possible when using the default configuration of your browser/ mailer. If you just switch over but then work as root all the time, don't disable the services you don't need, don't install security patches and disable any security settings of the programs you use regularly in order to keep your "windows habits", you didn't gain anything in my opinion. And even if it might be hard to work as normal user under Windows or to disable all that services that listen for incoming connections, this doesn't mean that it has to be hard doing this on linux. In fact it's easy, you only need to find out how to do it once. And it's pretty comfortable as well
... I hate full quotes and me2s, but this one is a very good exception. I absolutely second that! -- cul8er Paul paul.foerster@gmx.net
Paul Foerster wrote:
Nothing personal here, but it's people like you, who do not know or understand why logging into KDE as root has serious security implications who definitely need it disabled!
Sigh. I fully understand that I'm not supposed to play Frozen Bubble as root. I only wanted to know what's wrong with running a graphical environment as root. Does that need to come under so much heat from you techies? Come on guys, cut me some slack. I'm not a geek like you - I'm an academic whose field is totally unconnected with Linux - help me out here. I'm trying to shift from Windoze to Linux, and if I ask a simple question out of my ignorance, you people start using words like "Why would you want to do something as STUPID as that?". If a small kiddie asks you why it's not safe to open the door to someone you don't know, do you shout at him and say "Why would you want to do something as STUPID as that?" At least *I* would explain to him that people we don't know can do bad things to us, and so it's not okay to open the door to them. So I did learn something from asking this question: that X11 has a lot of security implications. But I would have liked to learn it without getting reprimanded for my ignorance. -- Shriramana Sharma http://samvit.org
Shriramana Sharma wrote:
Paul Foerster wrote:
Sigh. I fully understand that I'm not supposed to play Frozen Bubble as root. I only wanted to know what's wrong with running a graphical environment as root. Does that need to come under so much heat from you techies?
Come on guys, cut me some slack. I'm not a geek like you - I'm an academic whose field is totally unconnected with Linux - help me out here. I'm trying to shift from Windoze to Linux, and if I ask a simple question out of my ignorance, you people start using words like "Why would you want to do something as STUPID as that?". If a small kiddie asks you why it's not safe to open the door to someone you don't know, do you shout at him and say "Why would you want to do something as STUPID as that?" At least *I* would explain to him that people we don't know can do bad things to us, and so it's not okay to open the door to them.
So I did learn something from asking this question: that X11 has a lot of security implications. But I would have liked to learn it without getting reprimanded for my ignorance.
Hello Shriramana. This is an ongoing problem with the Linux lists. You asked valid questions and got invalid answers. And ridicule. It's good advice to be aware of the security implications of working as root. The solution to me is: 1. Keep it to a minimum. 2. Use a firewall. Ditto for the posibility of deleting the wrong files or crashing your system. The solution I use is to: 1. Put my home directory in a seperate partition. 2. Have a set of installation disks handy when you try something new. (That also applies to root in text mode:-)) That way if you delete/crash an application or the entire OS, your personal files will be safe and you can install what you lost. Linux has tremendous possibilities on a PC. The learning curve can be tough at times. But enjoy the trip and good luck. Rich
C. Richard Matson wrote:
advice to be aware of the security implications of working as root. The solution to me is: 1. Keep it to a minimum. 2. Use a firewall.
I thought SuSE ships with a built-in firewall. Do I need to activate it?
the posibility of deleting the wrong files or crashing your system. The solution I use is to: 1. Put my home directory in a seperate partition.
I've already done that. Do my KMail mails also get stored under /home?
2. Have a set of installation disks handy when you try something new. (That also applies to root in text mode:-)) That way if you delete/crash an application or the entire OS, your personal files will be safe and you can install what you lost.
Right, since the app being started up even via text mode can still overwrite the boot sector or some such other thing.
Linux has tremendous possibilities on a PC. The learning curve can be tough at times. But enjoy the trip and good luck. Rich
Thanks, Richard, and to the others: I'm sorry if I said something wrong. Thing is: shifting to Linux is a bit hard at times for ordinary users like me, and sometimes I feel I need a little sympathy. I totally accept that I'm a kiddie when it comes to using Linux, albeit a fairly bright kiddie! But I still wouldn't like being told (even indirectly or without intent) that I'm ignorant of something that's perfectly obviously to experienced people like you. Be well, all. -- Shriramana Sharma http://samvit.org
C. Richard Matson wrote:
Shriramana Sharma wrote:
C. Richard Matson wrote:
I thought SuSE ships with a built-in firewall. Do I need to activate it?
I think yes, but to be sure go to Yast -> Security and Users -> Firewall. It will tell you if it is running or not. I always check, but don't remember for sure what I find. If I recall correctly the last two or three releases of SUSE default the firewall started.
I've already done that. Do my KMail mails also get stored under /home?
Yes.
See you, Rich
On Thursday 11 August 2005 07:26, Shriramana Sharma wrote:
C. Richard Matson wrote:
advice to be aware of the security implications of working as root. The solution to me is: 1. Keep it to a minimum. 2. Use a firewall.
I thought SuSE ships with a built-in firewall. Do I need to activate it?
Unless you have explicitly disabled it, it is active by default on any recent installation. There is a personal version that just blocks all inbound connections, and a more flexible one that allows you to open specific ports to external machines.
2. Have a set of installation disks handy when you try something new. (That also applies to root in text mode:-)) That way if you delete/crash an application or the entire OS, your personal files will be safe and you can install what you lost.
Right, since the app being started up even via text mode can still overwrite the boot sector or some such other thing.
Just to be clear, you could only overwrite the boot sector as root, not as your regular user. This is irrespective of using a gui or text mode. However, newbies are far more likely to do something dangerous with the command line than a structured GUI, as you are less likely to understand all the available options and their interactions. -- Steve Boddy
Hi Shriramana,
Sigh. I fully understand that I'm not supposed to play Frozen Bubble as root. I only wanted to know what's wrong with running a graphical environment as root. Does that need to come under so much heat from you techies?
... I said nothing personal and I meant it this way. Also, the problem is that many answers can be found by googling around for a couple of minutes, especially if Linux is concerned. I understand that asking a question is faster to do but please also consider that answering the same questions over and over again is not exactly fun. As for Linux' or Unix' conceptual or philosophical documentation you'll find just as much on the net as you'll find technical stuff. Trying out something is good as long as you can trash and reinstall the system any time. But if you want to actually use an operating system for work, _ANY_ operating system, a little practice tweaking and tampering with it _before_ starting to actually use it DOES help. Another thing is that it was explained to you multiple times but if you insist on i-wanna-be-gui-root then it has to be explained, well, a little more explicitely. THIS is why techies usually get upset if someone repeats the question over and over just rephrasing it. The techies' impression then inevitably must be that the person asking does NOT actually want to learn or know something substantial but rather wants something done for him. Techies consider that a waste of time, rightly so if I may add. In that case, said person better take his computer to someone who knows something about technical stuff, which in 99.99999999% of all cases exclude so-called Windows experts... -- cul8er Paul paul.foerster@gmx.net
Paul Foerster wrote:
minutes, especially if Linux is concerned. I understand that asking a question is faster to do but please also consider that answering the same questions over and over again is not exactly fun.
Well, seeing as we can't search the archives of this mailing list, you can't expect us to know what questions have been asked and what not. It's not like forums.mozillazine.org or linuxforums.org, where we *can* search and it would be at least partially our fault if we ask a question already asked before. And hey, if you don't think answering a question repeatedly is not fun (which I fully agree with) I feel you need not get angry over it - just ignore such a question, and maybe someone else will answer the poor ignorant (like me) guy's request.
Another thing is that it was explained to you multiple times but if you insist on i-wanna-be-gui-root then it has to be explained, well, a little more explicitely.
Well, your mail asking me why I would want to do "such a stupid thing" came *before* all those mails which nicely explained why such a thing is a bad thing to do. Here - I dug these timestamps out of my local archives: Your post saying "Why do you want to do something that stupid, and then maybe I'll tell you?!" reads 10-Aug-2005 22:16 UTC+0530. Alain Black's post saying "Wow Fred, calm down. There's no need for insulting people here." reads same day 22:23. The first *concrete* explanation of why it's a bad idea to login to X11 as root came from Daniel Eckl at 23:55 the same day. Till then I had only messages from various people saying "it's bad for security". I wanted to know *why* it was bad for security. Was that such a big mistake? So you see it's not true that "it was explained to you multiple times but if you insist". Nothing was *explained*. Something was stated - that it's a security risk. I wanted more details as to why it is a security risk. That doesn't classify under:
THIS is why techies usually get upset if someone repeats the question over and over just rephrasing it.
and hence doesn't justify:
The techies' impression ... that the person asking does NOT actually want to learn or know something substantial but rather wants something done for him.
I feel my question as to why exactly it was a security risk was very clearly stemmed from a desire to learn or know something substantial. You say: "do not overdose on medicines". A guy asks "why?" You say "'cause it's a bad idea". He asks "why is it a bad idea?" That's NOT a stupid question. My friend, I am an academic - I know when I say: "dilution of concentrated sulphuric acid must be done by pouring it into water, and not water into it" and a student asks a question "why is that so", he thinks, and when a student simply accepts that declaration, he doesn't have the desire or energy to investigate the rationale behind my statement. Hence, I request you - please do not irritate yourself if somebody asks a question the answer to which is obvious to you. Nothing personal against you. Be well. -- Shriramana Sharma http://samvit.org
Hello, On Thursday 11 August 2005 08:35, Shriramana Sharma wrote:
Paul Foerster wrote:
minutes, especially if Linux is concerned. I understand that asking a question is faster to do but please also consider that answering the same questions over and over again is not exactly fun.
Well, seeing as we can't search the archives of this mailing list, you can't expect us to know what questions have been asked and what not.
Yes you can and yes we can. The list is archived on the Internet (http://lists.suse.com/, http://lists.suse.com/archive/, http://lists.suse.com/archive/suse-kde/) and Google indexes that archive. The "site:" and / or "inurl:" options to Google make restricting searches to these archives trivial, so in effect, the SuSE-run lists _are_ archived and searchable. So please do your homework first. After all, to do so is just common courtesy to people participating in high-volume lists.
...
--
Shriramana Sharma
Randall Schulz
Yes you can and yes we can. The list is archived on the Internet (http://lists.suse.com/, http://lists.suse.com/archive/, http://lists.suse.com/archive/suse-kde/) and Google indexes that archive. The "site:" and / or "inurl:" options to Google make restricting searches to these archives trivial, so in effect, the SuSE-run lists _are_ archived and searchable.
So please do your homework first. After all, to do so is just common courtesy to people participating in high-volume lists.
Randall you are right. However, someone from the windows world cannot install Linux and instantly know the all the nuances and terms of the Unix/Linux world. There was no need for the kind of remarks that were made early on in this thread. There is such a thing as common courtesy and respect for people. The real problem is that SUSE and the other Linux distros need to do a major rethink about the way support is provided to Linux newbies. www.opensuse.org looks like a step in the right direction. See you, Rich
Randall Schulz
On Thursday 11 August 2005 10:41 am, Randall R Schulz wrote:
Hello,
On Thursday 11 August 2005 08:35, Shriramana Sharma wrote:
Paul Foerster wrote:
minutes, especially if Linux is concerned. I understand that asking a question is faster to do but please also consider that answering the same questions over and over again is not exactly fun.
Well, seeing as we can't search the archives of this mailing list, you can't expect us to know what questions have been asked and what not.
Yes you can and yes we can. The list is archived on the Internet (http://lists.suse.com/, http://lists.suse.com/archive/, http://lists.suse.com/archive/suse-kde/) and Google indexes that archive. The "site:" and / or "inurl:" options to Google make restricting searches to these archives trivial, so in effect, the SuSE-run lists _are_ archived and searchable.
So please do your homework first. After all, to do so is just common courtesy to people participating in high-volume lists.
Shriramana Sharma
Randall Schulz
And the full URL to search via Google would be: site:lists.suse.com [suse-kde] param1 param2 param3 etc... Where [suse-kde] narrows it to this list. Substitute [SLE] for the suse-linux-e list, etc. Param1,2,3,x can be your search terms. One I like is the year, 2005, for example to narrow it a bit. In Konqueror you can also use the Web Shortcut gg: for Google in the Location bar. For a list of Web Shortcuts in Konq go to Settings, Configure Konqueror, Web Shortcuts. gg:site:lists.suse.com [suse-kde] param1 param2 param3 etc... Stan
Stan, On Thursday 11 August 2005 09:56, Stan Glasoe wrote:
On Thursday 11 August 2005 10:41 am, Randall R Schulz wrote:
... The list is archived on the Internet (http://lists.suse.com/, http://lists.suse.com/archive/, http://lists.suse.com/archive/suse-kde/) and Google indexes that archive. The "site:" and / or "inurl:" options to Google make restricting searches to these archives trivial, so in effect, the SuSE-run lists _are_ archived and searchable.
...
Randall Schulz
And the full URL to search via Google would be:
site:lists.suse.com [suse-kde] param1 param2 param3 etc...
Where [suse-kde] narrows it to this list. Substitute [SLE] for the suse-linux-e list, etc. Param1,2,3,x can be your search terms. One I like is the year, 2005, for example to narrow it a bit.
A better choice is to use the inurl: keyword, which obviates the [suse-kde] bit, which counts towards the ten-word search term limit and otherwise does little to constrain the search. Search for "Root Login inurl:lists.suse.com/archive/suse-kde" Not a lot of hits, though. One from a little over a year ago and this thread.
...
Stan
Randall Schulz
On Thursday 11 August 2005 10:35 am, Shriramana Sharma wrote:
Well, seeing as we can't search the archives of this mailing list, you can't expect us to know what questions have been asked and what not. It's not like forums.mozillazine.org or linuxforums.org, where we *can* search and it would be at least partially our fault if we ask a question already asked before.
use this URL to search the SLE archives: http://marc.theaimsgroup.com/?l=suse-linux-e&r=1&w=2 Richard
Hi Shriramana,
Well, seeing as we can't search the archives of this mailing list, you can't expect us to know what questions have been asked and what not. It's not like forums.mozillazine.org or linuxforums.org, where we *can* search and it would be at least partially our fault if we ask a question already asked before.
... you can get the whole SuSE KDE list archive at: http://lists.suse.com/archive/suse-kde/ There is, however, unfortunately no search functionality. However, if you want to search the archives you also find them here _with_ search functionality: http://marc.theaimsgroup.com/?l=suse-kde&r=1&w=2 I suggest you bookmark at least the second one. It's pretty helpful.
And hey, if you don't think answering a question repeatedly is not fun (which I fully agree with) I feel you need not get angry over it - just ignore such a question, and maybe someone else will answer the poor ignorant (like me) guy's request.
... you misunderstood me. I did not mean answering the _same_ question from _different_ people but from _one_person_ again and again.
Well, your mail asking me why I would want to do "such a stupid thing" came *before* all those mails which nicely explained why such a thing is a bad thing to do. Here - I dug these timestamps out of my local archives:
Your post saying "Why do you want to do something that stupid, and then maybe I'll tell you?!" reads 10-Aug-2005 22:16 UTC+0530. Alain Black's post saying "Wow Fred, calm down. There's no need for insulting people here." reads same day 22:23.
... I suggest, you repair your mailbox. I never said "Why do you want to do something that stupid, and then maybe I'll tell you?!" It was Fred A. Miller who said that. So, before asking me for trouble how about doing some proper digging in your local mailbox first and then asking the originator for trouble?
The first *concrete* explanation of why it's a bad idea to login to X11 as root came from Daniel Eckl at 23:55 the same day. Till then I had only messages from various people saying "it's bad for security". I wanted to know *why* it was bad for security. Was that such a big mistake?
... no and if you'd properly dug thru your mailbox you would have found that my very first answer, beside bearing the remark that I second Daniel's view, bore a pretty eloquent explanation about security implications with running X as root. So what is your problem with me other than obviously confusing me with Fred and possibly others? My name is Paul and not Fred! And also what is your problem with reading and _understanding_ what someone else writes?
So you see it's not true that "it was explained to you multiple times but if you insist". Nothing was *explained*. Something was stated - that it's a security risk. I wanted more details as to why it is a security risk. That doesn't classify under:
... what is so hard to understand about what I initially wrote, ie. that X runs a number of services and if run as root someone only needs to hack one single service to enter the system and take over? Want an API listing or port specifications? Want a commented TCP/IP packet listing? What kernel specifications? I'm sure that's not what you want unless you're either a serious hacker or serious programmer. Since I assume the latter two are not the case the explanation that *I* supplied with running X as root and the services stuff must do. If it does not then you need to google for some very serious internals stuff. But you'd not be happy with what you'd find there...
I feel my question as to why exactly it was a security risk was very clearly stemmed from a desire to learn or know something substantial. You say: "do not overdose on medicines". A guy asks "why?" You say "'cause it's a bad idea". He asks "why is it a bad idea?" That's NOT a stupid question.
... beside me viewing that as a stupid question as overdose already contains the "over" part which means too much and is thus negative, serious health problems are more than obvious in your example. You earlier asked me (rethorically) whether I understand English. Well, frankly, I doubt that _you_ do. You read and get the words maybe, but you don't get the essence, neither do you seriously think about a message.
My friend, I am an academic - I know when I say: "dilution of concentrated sulphuric acid must be done by pouring it into water, and not water into it" and a student asks a question "why is that so", he thinks, and when a student simply accepts that declaration, he doesn't have the desire or energy to investigate the rationale behind my statement. Hence, I request you - please do not irritate yourself if somebody asks a question the answer to which is obvious to you.
... yeah and I'm the bastard operator from Hell and bite you in your balls! Did I mention that I hate those clever people called academics? I have spend (way too) much time at a university and there was one important thing I learned there for life: Most academics who need to mention they hold a PhD., a diploma, are this and that, received this and that award, or to quote one guy "I have a couple of college degrees", those people tend to be condescending as hell and not listen to what somebody else says. Those people suck most! So never boast in front of me what clever academic you are! That will only move you to my killfile.
Nothing personal against you. Be well.
... no, nothing personal. I'm being purely academic here... -- cul8er Paul paul.foerster@gmail.com
Am Donnerstag, 11. August 2005 17:35 schrieb Shriramana Sharma:
Paul Foerster wrote:
minutes, especially if Linux is concerned. I understand that asking a question is faster to do but please also consider that answering the same questions over and over again is not exactly fun.
Well, seeing as we can't search the archives of this mailing list, you can't expect us to know what questions have been asked and what not. It's not like forums.mozillazine.org or linuxforums.org, where we *can* search and it would be at least partially our fault if we ask a question already asked before.
No. In this case you just would have to ask: How can I search this list? And me or others would have answered: http://marc.theaimsgroup.com/?l=suse-kde&r=1&w=2 As an academic person you should know lot of ways to get your informations..... Best, Daniel
On Thursday 11 August 2005 10:59 am, Paul Foerster wrote:
THIS is why techies usually get upset if someone repeats the question over and over just rephrasing it. The techies' impression then inevitably must be that the person asking does NOT actually want to learn or know something substantial but rather wants something done
Correct. And, I admit to getting a tad short tempered these days, as I just don't have the patience nor time that I'd like to answer mail.
for him. Techies consider that a waste of time, rightly so if I may add. In that case, said person better take his computer to someone who knows something about technical stuff, which in 99.99999999% of all cases exclude so-called Windows experts.
VERY true!! Fred -- Planet Earth - a subsidiary of Microsoft. We have no bugs in our software, Never! We do have undocumented added features, that you will find amusing, at no added cost to you, at this time.
Hi Shriramana! As Paul Foerster wrote, please don't take this personal. It's a result of the shock which was caused by your question. It's not like the child asking for that door thing, it's more like a child asking why it shouldn't point with that gun at his leg and pull the trigger. Well, linux is open for every taste, so if you take this gun, point to your leg and pull the trigger, then linux will does all it can to reliable deliver the bullet into your leg. That's the dangerous thing here. Best, Daniel Am Donnerstag, 11. August 2005 04:30 schrieb Shriramana Sharma:
Paul Foerster wrote:
Nothing personal here, but it's people like you, who do not know or understand why logging into KDE as root has serious security implications who definitely need it disabled!
Sigh. I fully understand that I'm not supposed to play Frozen Bubble as root. I only wanted to know what's wrong with running a graphical environment as root. Does that need to come under so much heat from you techies?
Come on guys, cut me some slack. I'm not a geek like you - I'm an academic whose field is totally unconnected with Linux - help me out here. I'm trying to shift from Windoze to Linux, and if I ask a simple question out of my ignorance, you people start using words like "Why would you want to do something as STUPID as that?". If a small kiddie asks you why it's not safe to open the door to someone you don't know, do you shout at him and say "Why would you want to do something as STUPID as that?" At least *I* would explain to him that people we don't know can do bad things to us, and so it's not okay to open the door to them.
So I did learn something from asking this question: that X11 has a lot of security implications. But I would have liked to learn it without getting reprimanded for my ignorance.
--
Shriramana Sharma http://samvit.org
On Thu, 2005-08-11 at 08:00 +0530, Shriramana Sharma wrote:
Paul Foerster wrote:
Nothing personal here, but it's people like you, who do not know or understand why logging into KDE as root has serious security implications who definitely need it disabled!
Sigh. I fully understand that I'm not supposed to play Frozen Bubble as root. I only wanted to know what's wrong with running a graphical environment as root. Does that need to come under so much heat from you techies?
We're not all techies here. Rarely do you as a user need full root priviledges, when you do then you use root, and sparingly. This is really more of a security thing. Root has full unrestricted access to the whole system, and none of those nice "Hey dummy are you sure you want to do that?" warnings when you decide to nuke your / and everything in it.
Come on guys, cut me some slack. I'm not a geek like you - I'm an academic whose field is totally unconnected with Linux - help me out here. I'm trying to shift from Windoze to Linux, and if I ask a simple question out of my ignorance, you people start using words like "Why would you want to do something as STUPID as that?". If a small kiddie asks you why it's not safe to open the door to someone you don't know, do you shout at him and say "Why would you want to do something as STUPID as that?" At least *I* would explain to him that people we don't know can do bad things to us, and so it's not okay to open the door to them.
Education is no excuse for ignorance. <just kidding.> It's not only those we don't know, it also us. Running as a user, the only vulnerable things are those that I have access to, which normally is located somewhere in /home/Mike, and not in any of the other <user> profiles.
So I did learn something from asking this question: that X11 has a lot of security implications. But I would have liked to learn it without getting reprimanded for my ignorance.
Your partially right, it's not just X though, it's root, and that is the something thing to keep in mind.
Shriramana Sharma wrote:
Fred A. Miller wrote:
Um, thanks, but how does this help me to login graphically as root using KDE?
Yeah okay. I loadup Konqueror while logged into my user account. I browse to /etc and right-click fstab and say: "Open using Kate". Presto! Kate opens it but says it's readonly. Konqueror was opened in root mode. Not Kate. And I don't have a KDE Menu Item that says "Open Kate in SU Mode" like I have "Open Konqueror in SU mode" or "Open Konsole in SU Mode".
Shiramana, The quickes way to do a lot of things graphically as root is to work from a konqueror session that is started as user root. As others have explained you can start this by typing 'sux' in a terminal and then launch konqueror, or do it via 'kdesu konqueror'. Actually SuSE provides this already in the Systems -> Filemanager menu. There you find the Filemanager (root mode) that opens konqueror while graphicaly working as root (note: names can be a littlebit different - i translated from a dutch system). Now you can navigate to /etc and open/change a textfile with kwrite by (right)clicking on it. Some usefull tips: - via (toolbar ->) Window -> Split window vertically you get two windows and via drag and drop you van move/copy/link files and groups of files and diectories. - via (toolbar ->) Tools -> Open terminal you can open a terminal in root mode without having to enter the password again. - In (toolbar ->) Options you can save profiles pointing to specific directories. I very often use this to change the 'Icon' view konqueror uses by default to a 'Detailed list view' Nice isn't it?! Actually this is what i very much miss while working with windows, next to not having multiple desktops.. And being able to open e text terminal via ctrl - alt - F#. And of course YaST can be opened as a user - it is also in the system menu. Peter Vollebregt
On Wed, 2005-08-10 at 22:24 +0530, Shriramana Sharma wrote:
Fred A. Miller wrote:
Um, thanks, but how does this help me to login graphically as root using KDE?
Why do you want to do something that stupid, and then maybe I'll tell you?!
Will someone please explain WHY logging in graphically to root is stupid, and logging in textually to root is NOT stupid?
Root services are available while as a user, you DON'T need to login as root.
Yeah okay. I loadup Konqueror while logged into my user account. I browse to /etc and right-click fstab and say: "Open using Kate". Presto! Kate opens it but says it's readonly. Konqueror was opened in root mode. Not Kate. And I don't have a KDE Menu Item that says "Open Kate in SU Mode" like I have "Open Konqueror in SU mode" or "Open Konsole in SU Mode".
kdesu konqueror, only use root permissions when you _have_ to. It's part of the security philosophy.
On Wednesday 10 August 2005 12:54 pm, Shriramana Sharma wrote:
Fred A. Miller wrote:
Um, thanks, but how does this help me to login graphically as root using KDE?
Why do you want to do something that stupid, and then maybe I'll tell you?!
Will someone please explain WHY logging in graphically to root is stupid, and logging in textually to root is NOT stupid?
Root services are available while as a user, you DON'T need to login as root.
Yeah okay. I loadup Konqueror while logged into my user account. I browse to /etc and right-click fstab and say: "Open using Kate". Presto! Kate opens it but says it's readonly. Konqueror was opened in root mode. Not Kate. And I don't have a KDE Menu Item that says "Open Kate in SU Mode" like I have "Open Konqueror in SU mode" or "Open Konsole in SU Mode".
Use, under "System" off the start menu, the "Super User" file manger (Konq.) which requires the root password. Then edit to your heart's content. You could also use a konsole window, su to root, then use pico to edit fstab. There are MANY options. Fred -- Planet Earth - a subsidiary of Microsoft. We have no bugs in our software, Never! We do have undocumented added features, that you will find amusing, at no added cost to you, at this time.
Am Mittwoch, 10. August 2005 18:46 schrieb Fred A. Miller:
On Wednesday 10 August 2005 12:44 pm, Shriramana Sharma wrote:
Fred A. Miller wrote:
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE.
Um, thanks, but how does this help me to login graphically as root using KDE?
Why do you want to do something that stupid, and then maybe I'll tell you?! Root services are available while as a user, you DON'T need to login as root.
Fred
The decision if one logs on as root or not should clearly be left to the admin of the system. In general its not useful to work as root but in some cases (software installation, administraion) where you need root access and have to deal with graphical installers etc it *really* is useful. Of course one can use kdesu or sudo but this can be really be cumbersome compared to beeing root. If you know what you do you should be able to do it even if some folks think its not good. So leave the decision to the admin of the system. If you want to force someone to do something or not to do something, then this is windows behaviour and not really useful at all. Have a nice day Rainer -- --------------------------------------------------------------------------- Rainer Krienke, Universitaet Koblenz, Rechenzentrum, Raum A022 Universitaetsstrasse 1, 56070 Koblenz, Tel: +49 261287 -1312, Fax: -1001312 Mail: krienke@uni-koblenz.de, Web: http://www.uni-koblenz.de/~krienke Get my public PGP key: http://www.uni-koblenz.de/~krienke/mypgp.html ---------------------------------------------------------------------------
On Wednesday, 10 August 2005 21:57, Rainer Krienke wrote:
So leave the decision to the admin of the system. If you want to force someone to do something or not to do something, then this is windows behaviour and not really useful at all.
Have a nice day Rainer
I totally second this way of thinking. If Linux getting more popular means Linux software being conceived the same way as Windows or Mac software, I'm going to have to look elsewhere. As long as this is a distribution basis (I know (K)Ubuntu makes it very hard for a user to get a root login), it's ok - just choose another distro. But this way of thinking making it's way into KDE would be a problem, as I never really managed to live happy with Gnome. Thierry -- The problem with the world is stupidity. Not saying there should be a capital punishment for stupidity, but why don't we just take the safety labels off of everything and let the problem solve itself? Frank Zappa
On Thursday 11 August 2005 12:58 am, Thierry de Coulon wrote:
On Wednesday, 10 August 2005 21:57, Rainer Krienke wrote:
So leave the decision to the admin of the system. If you want to force someone to do something or not to do something, then this is windows behaviour and not really useful at all.
Have a nice day Rainer
I totally second this way of thinking. If Linux getting more popular means Linux software being conceived the same way as Windows or Mac software, I'm going to have to look elsewhere.
As long as this is a distribution basis (I know (K)Ubuntu makes it very hard for a user to get a root login), it's ok - just choose another distro. But this way of thinking making it's way into KDE would be a problem, as I never really managed to live happy with Gnome.
Thierry
It isn't that hard to get a root login with (K)Ubuntu. You simply have to use sudo to change the root password and then you can login as root. But they like many other distributions have disabled root from graphical login by default. As a matter of fact, due to SuSE's continuing rise in pricing, I was looking at Kubuntu as a possible new distribution and had converted a majority of my home systems to it before I learned of OpenSuSE. And to be honest, I am not sure that I will return to SuSE. I did enable the root account on my (K)Ubuntu systems and I do use it for remote administration when necessary. I am still not a huge fan of APT, but it does do a decent job. I like the fact that everything is sudo based and I can give users privileges to do certain things without giving them the root password. I miss YaST but I have learned to do things manually again and to use the tools provided. They also seem to be a little more "user friendly" to discussions like this one. For one reason, they are avoiding the discussion by making it easier to do most daily activities without root access to the system. I would feel relatively safe putting Kubuntu on my mothers computer. I am not sure that I would be upto doing that with SuSE. -- Kelly L. Fulks Home Account near Huntsville, AL
Am Mittwoch, 10. August 2005 22:57 schrieb Rainer Krienke:
The decision if one logs on as root or not should clearly be left to the admin of the system. In general its not useful to work as root but in some cases (software installation, administraion) where you need root access and have to deal with graphical installers etc it *really* is useful. Of course one can use kdesu or sudo but this can be really be cumbersome compared to beeing root. If you know what you do you should be able to do it even if some folks think its not good.
Sure. Nobody forbids you to do something stupid. But then you have to deal with people telling you that this is stupid.
So leave the decision to the admin of the system. If you want to force someone to do something or not to do something, then this is windows behaviour and not really useful at all.
Hey, just to mention: You are on Linux. You can configure an incredible amount of options (see this thread for the option to login as root). In the worst case, hey, who cares, this is open source, so just change it. On Linux you never can be forced to anything, so it never can be like Windows.
Have a nice day Rainer
Greetings, Daniel
On Wed, 10 Aug 2005 22:57:46 +0200
Rainer Krienke
The decision if one logs on as root or not should clearly be left to the admin of the system.
Sure.
In general its not useful to work as root but in some cases (software installation, administraion) where you need root access and have to deal with graphical installers etc it *really* is useful. Of course one can use kdesu or sudo but this can be really be cumbersome compared to beeing root. If you know what you do you should be able to do it even if some folks think its not good.
Well, being new to Linux, how would you know that working as root ain't good and is easily avoided? If you've only seen Windows before, you've worked as administrator all the time and if ever you tried not to, you most probably gave up frustrated. When, if not at the very beginning of your "linux career", is the time to rethink? I doubt that someone will start not working as root after N years when he's taken over the old habit and working as root on linux as well. Of course people can decide themselves. I'm just illustrating why it's not a good idea and how to do it the better way. I think this is the information a newcomer needs. It won't pop into his head automatically. Cheers, Ingo -- Ingo Strauch ---- Registered Linux User #227900 (http://counter.li.org/) GPG Key Fingerprint = DEC8 1B12 9573 6BE7 7A99 C33F 809C 8C2C 772E 66A1 http://www.the-one-brack.org/
Hi Ingo,
Well, being new to Linux, how would you know that working as root ain't good and is easily avoided? If you've only seen Windows before, you've worked as administrator all the time and if ever you tried not to, you most probably gave up frustrated. When, if not at the very beginning of your "linux career", is the time to rethink? I doubt that someone will start not working as root after N years when he's taken over the old habit and working as root on linux as well. Of course people can decide themselves. I'm just illustrating why it's not a good idea and how to do it the better way. I think this is the information a newcomer needs. It won't pop into his head automatically.
... yes, I agree 100%. And I'm sure all so-called techies will to. And every techie tells every newbie to do and not do certain things because newbies can't possibly know. It's perfectly fine for a newbie to ask and that's why techies will always help. The problem arises when said newbie won't listen but instead insists on what he does is right and the only way to do it. This is when the techie starts getting angry because he wasted time to try to teach the newbie for good. The newbie then in turn will not understand why the techie gets angry but instead insist that his way to do it is the right way. This is when the techie understandably turns away in disgust and the newbie accuses techies that they won't listen and only reluctantly help and Linux needs better publicity and all that crap. If the newbie (despite how many academic degrees or what not) would have listened in the first place there would have been no problem. But instead it leaves techies in a light that they are elite and want to be left alone and not help and all that which is completely wrong. But if you want to help somebody, then that somebody must be ready and willing to accept help. If not, then the help is completely useless and wasted. Exactly THAT was the essense and nothing else! It was NOT about newbies having or not having the right to ask. It was NOT about the techies' willingness to help and all that. It was about the newbies' readiness to accept help, which was not the case with our academic friend. Finally, for me this is the end of the thread. I now am NOT willing to discuss this issue any further, period. -- cul8er Paul paul.foerster@gmx.net
All,
The problem arises when said newbie won't listen but instead insists on what he does is right and the only way to do it. This is when the techie starts getting angry because he wasted time to try to teach the newbie for good. The newbie then in turn will not understand why the techie gets angry but instead insist that his way to do it is the right way.
There is one thing i want to add: People learn from this list as the 'techie' once did. And they learn by asking questions and getting a polite answer. For newcomers it is not easy to know why things are god/bad and what the best practices are. Some of those things are never explained and rehearsal helps. The techie should also be able to listen and understand that not every person wants to know how it works. I like the linux world because of the openness and the will to help. But always treat people as you want to be treated.
Finally, for me this is the end of the thread. I now am NOT willing to discuss this issue any further, period.
Completely agree Peter Vollebregt
Am Freitag, 12. August 2005 22:34 schrieb Peter Vollebregt:
The techie should also be able to listen and understand that not every person wants to know how it works.
Well, now we get philosophically. To remember the beginning, the newbie just asked how to do a bad thing. The techies said, "Don't do it that way, it's bad. Better do it this other way." After that, the newbie asked "why is that bad? I want to do it anyway! Show me a way how to do the bad thing!" So now what to do? We have a newbie which wants to know how it works, but he doesn't _really_ want to know how it works. Nobody can help such a person. There is no way. And if he _really_ is willing to know how it works, perhaps he cannot understand that without better knowledge about unix system architecture and philosophy. Newbies _have_ to accept their help, no matter if they understand it or not. If they understand it, fine. If they don't they can lern. But only, if they accept it in the first step, they can lern it by spending enough time doing it the right way. On Windows, if a newbie asks "How do I do this?" and he gets the answer "Do 1. this, and 2. that and then at last do this", he _ALWAYS_ will just accept this. On windows there is just believing, it's like a religion. You never get explanations, you will never find out why, you just know how and you are happy. That's the way, a linux newbie has to start. And only then he will be able to use it and only then he will be able to understand it. Later. Just my personal opinion. Best, Daniel
Hi Daniel, ... *BINGO* This is exactly the point! Amen to that! -- cul8er Paul paul.foerster@gmx.net
On Friday 12 August 2005 22:33, Daniel Eckl wrote:
To remember the beginning, the newbie just asked how to do a bad thing. The techies said, "Don't do it that way, it's bad. Better do it this other way."
After that, the newbie asked "why is that bad? I want to do it anyway! Show me a way how to do the bad thing!"
I'm sorry Daniel, but I think that is grossly unfair to Shriramana, and that's the only reason I'm prolonging this antagonistic thread. At no point did he say "I want to do it anyway! Show me a way how to do the bad thing!" Once it was explained to be a "bad thing"(tm) he simply asked why, without understanding that there was no need to login as root even to do admin tasks. Then people seemed to jump all over him. Not you initially, as I did see your helpful follow up after my earlier small contribution. Shriramana is only guilty of curiosity and inquisitiveness. Qualities that should be encouraged. I hope amongst all the noise that Shriramana found (and more importantly understood) the answers buried in this gargantuan thread. -- Steve Boddy
On Friday 12 August 2005 5:52 pm, Stephen Boddy wrote:
Shriramana is only guilty of curiosity and inquisitiveness. Qualities that should be encouraged. I hope amongst all the noise that Shriramana found (and more importantly understood) the answers buried in this gargantuan thread. -- Steve Boddy
Amen. Scott -- POPFile, the OpenSource EMail Classifier http://popfile.sourceforge.net/ Linux 2.6.11.4-21.8-default x86_64 SuSE Linux 9.3 (x86-64)
Am Samstag, 13. August 2005 02:52 schrieb Stephen Boddy:
I'm sorry Daniel, but I think that is grossly unfair to Shriramana, and that's the only reason I'm prolonging this antagonistic thread.
Yes, you're right. Shriramana told me already and he is fully right, too. I remembered that wrong. But I stay at my saying. It's just not Shriramana who is the example for that. Best, Daniel
On Saturday 13 August 2005 3:44 am, Daniel Eckl wrote:
Am Samstag, 13. August 2005 02:52 schrieb Stephen Boddy:
I'm sorry Daniel, but I think that is grossly unfair to Shriramana, and that's the only reason I'm prolonging this antagonistic thread.
Yes, you're right. Shriramana told me already and he is fully right, too. I remembered that wrong.
But I stay at my saying. It's just not Shriramana who is the example for that.
That is true, but having said that, and as I said in a post a day or 2 ago, some of us at times, at least, don't have a lot of time to get mail read and answered. I'd been working on systems, it was late, and I probably responded a tad quicker than I should have, not realizing that he really did want to know the "whys" to his question. I also tend to, at times, loose patience with some who can't resist asking a whole slew of questions when it's obvious a manual nor man page has never been read. I remember doing a 2 day seminar on Linux, using SUSE a few years ago, and there were 3 fellows who were/are professors at Cornell Univ., and they tied up my time and everyone else's time with "1,000 and 1" questions until I put a stop to it with, "Just do it this way, until you read the manual. Then if you still have questions, call me." ;) All 3 learned much more by reading the SUSE manuals, which are WELL written compared to others, and "playing" with their 'puters. I only rec'd 2 phone calls. Both questions were for info. that wasn't clear to them, and I didn't mind giving them the answers. Sometimes newbies are very enthusiastic, and that's great! But, they must also know that they will have to at times take what we tell them at face value now and then until they STUDY manuals and articles to get a better understanding of Linux, that they can't learn all there is to "know over night," and they should enjoy the journey as they become more proficient. Fred -- Planet Earth - a subsidiary of Microsoft. We have no bugs in our software, Never! We do have undocumented added features, that you will find amusing, at no added cost to you, at this time.
I wanted to send this to the list. Sorry for the double-post, Daniel. Daniel Eckl wrote:
To remember the beginning, the newbie just asked how to do a bad thing. The techies said, "Don't do it that way, it's bad. Better do it this other way."
After that, the newbie asked "why is that bad? I want to do it anyway! Show me a way how to do the bad thing!"
The newbie included the question "Show me how to do it" only in the first posting of "Why has this thing been disabled". After being informed that it has been disabled because it is a bad thing, he only wanted to know why it was bad. Please check mail history. Thank you. P.S: I may be biased towards myself, but Stephen Boddy has no reason to be, but he still writes: At no point did he say "I want to do it anyway! Show me a way how to do the bad thing!" Once it was explained to be a "bad thing"(tm) he simply asked why, So neither my memory nor my mail client's memory nor my computer's memory has gone wrong. -- Shriramana Sharma http://samvit.org
On Wednesday 10 August 2005 12:44 pm, Shriramana Sharma wrote:
Fred A. Miller wrote:
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE.
Um, thanks, but how does this help me to login graphically as root using KDE?
--
Shriramana Sharma http://samvit.org ========
Try this instead from a shell: kdesu yast2 kdesu konqueror etc. Or you could even setup an icon to do the same thing when activated. regards, Lee -- --- KMail v1.8.2 --- SuSE Linux Pro v9.2 --- Registered Linux User #225206 There's no problem so awful that you can't add some guilt to it and make it even worse! ...Calvin & Hobbes
Fred A. Miller wrote:
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE.
Um, thanks, but how does this help me to login graphically as root using KDE? And I'd like to use KDM, not XDM. -- Shriramana Sharma http://samvit.org
El Miércoles, 10 de Agosto de 2005 18:45, Shriramana Sharma escribió:
Fred A. Miller wrote:
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE.
Um, thanks, but how does this help me to login graphically as root using KDE? And I'd like to use KDM, not XDM.
HI Edit /etc/kde/kdm/kdmrc and change AllowRootLogin=false by AllowRootLogin=true restar and it must work
On Wednesday 10 August 2005 1:31 pm, barkos wrote:
El Miércoles, 10 de Agosto de 2005 18:45, Shriramana Sharma escribió:
Fred A. Miller wrote:
I don't know if it's accurate or not, as I don't login from a GUI. Change your setup in Yast, System Services (Run Level), Expert Mode, and make "xdm" ONLY run level 5 (init 5). Get out of all apps., and reboot. SUSE will come up to a konsole login. Then you can use "startx" to startup KDE.
Um, thanks, but how does this help me to login graphically as root using KDE? And I'd like to use KDM, not XDM.
HI Edit /etc/kde/kdm/kdmrc and change AllowRootLogin=false by AllowRootLogin=true
restar and it must work
Please don't so this. Listen to the wisdom of everyone that is telling you how to do what you want to do the right way. From your regular user login go to the KDE menu, go to System and then click on YaST. It comes up asking for the root password. By design. When logged in as a normal user under KDE just press Alt+F2 and the run command dialog comes up. Here you can enter the "kdesu kate" or "kdesu kfmclient --profile filemanagement" for Konq as root. Keep doing this for all those one-off run-as-root things you need. Then when you do Alt+F2 press the Alt+down-arrow key and scroll to what you want to run, hit enter. Since KDE 3.4.1 it stops there so you can modify the line or just hit enter again and it runs. (Get used to double-pumping the enter key.) Stan
Stan Glasoe wrote:
Since KDE 3.4.1 it stops there so you can modify the line or just hit enter again and it runs. (Get used to double-pumping the enter key.)
So what version of KDE ships with SuSE 9.3? -- Shriramana Sharma http://samvit.org
On Wednesday 10 August 2005 9:36 pm, Shriramana Sharma wrote:
Stan Glasoe wrote:
Since KDE 3.4.1 it stops there so you can modify the line or just hit enter again and it runs. (Get used to double-pumping the enter key.)
So what version of KDE ships with SuSE 9.3?
3.4.0. I update with apt/synaptic to get current versions of stuff. Logged in as my normal user and running apt/synaptic as root, of course. :) Stan
Hi Mr(s) Shriramana Sharma login as root might be dangerous, but some tools provide graphical installers that should to be run as root. To do this i enter 'sux root' in a terminal window, and then i start that tool. ( Please Mr Miller : don't send another copy of your answer to this) regards Peter -- Peter Buckenleib Am Europakanal 8 91056 Erlangen Tel: 09131 992234 Fax: 09131 791045 Mail: peter.buckenleib@t-online.de
On Wednesday 10 August 2005 1:27 pm, Peter Buckenleib wrote:
Hi Mr(s) Shriramana Sharma
login as root might be dangerous, but some tools provide graphical installers that should to be run as root.
I don't know if I'm the only one this is happening to, or not ;-) but every time I log in as myself (normal user) and I launch YaST Control Center from my desktop menu, I'm prompted for my root password. I have no problem accessing the YaST modules from my user desktop... My 2 cents, - Carl
On Wed, 10 Aug 2005 13:51:27 -0400
"Carl E. Hartung"
On Wednesday 10 August 2005 1:27 pm, Peter Buckenleib wrote:
Hi Mr(s) Shriramana Sharma
login as root might be dangerous, but some tools provide graphical installers that should to be run as root.
I don't know if I'm the only one this is happening to, or not ;-) but every time I log in as myself (normal user) and I launch YaST Control Center from my desktop menu, I'm prompted for my root password. I have no problem accessing the YaST modules from my user desktop...
That's what I wanted to add as well. If Yast is the main reason to work as root there is no problem whatsoever. And as somebody already pointed out one can easily use "sax" in a terminal and start the few programs that really require root priviledges from there. I really wouldn't recommend using browsers, mailers, chat clients, P2P software, ..., as root! Some more 2 cents... ;-) Ingo P.S.: I noticed that a few people replying to the original message use a Reply-to to their private address instead of the list address. I wonder why, usually answers are meant for the list. -- Ingo Strauch ---- Registered Linux User #227900 (http://counter.li.org/) GPG Key Fingerprint = DEC8 1B12 9573 6BE7 7A99 C33F 809C 8C2C 772E 66A1 http://www.the-one-brack.org/
Ingo Strauch wrote:
as root there is no problem whatsoever. And as somebody already pointed out one can easily use "sax" in a terminal and start the few programs that really require root priviledges from there. I really wouldn't recommend using browsers, mailers, chat clients, P2P software, ..., as root!
I fully understand that. But I'm finding it difficult adjusting to all the commands and keyboard shortcuts that are showered on me: su sux sax kdesu sudo Ctrl+Alt+F1 Alt+F2 etc etc etc. -- Shriramana Sharma http://samvit.org
On Wednesday 10 August 2005 7:39 pm, Shriramana Sharma wrote:
Ingo Strauch wrote:
as root there is no problem whatsoever. And as somebody already pointed out one can easily use "sax" in a terminal and start the few programs that really require root priviledges from there. I really wouldn't recommend using browsers, mailers, chat clients, P2P software, ..., as root!
I fully understand that. But I'm finding it difficult adjusting to all the commands and keyboard shortcuts that are showered on me:
su sux sax kdesu sudo Ctrl+Alt+F1 Alt+F2 etc etc etc.
I feel your pain <g>. Been there, done that. It's a huge initial learning curve to climb, but it really is worth it in the end. My suggestion is keep it simple, stick to kdesu if you need to run a graphical app as root ( I find I am using 'kdesu kate' a lot myself since I hate vi and mcedit is too limiting for me). Use su if you simply need to switch to root at the commandline to accomplish something, like an RPM install. Learn a few of the essential commandline commands and you should be set, the rest will come with experience. It may seem overwhelming now, but trust me, it really will be worth the initial pain. Scott -- POPFile, the OpenSource EMail Classifier http://popfile.sourceforge.net/ Linux 2.6.11.4-21.8-default x86_64 SuSE Linux 9.3 (x86-64)
On Wednesday 10 August 2005 9:39 pm, Shriramana Sharma wrote:
Ingo Strauch wrote:
as root there is no problem whatsoever. And as somebody already pointed out one can easily use "sax" in a terminal and start the few programs that really require root priviledges from there. I really wouldn't recommend using browsers, mailers, chat clients, P2P software, ..., as root!
I fully understand that. But I'm finding it difficult adjusting to all the commands and keyboard shortcuts that are showered on me:
su sux sax kdesu sudo Ctrl+Alt+F1 Alt+F2 etc etc etc.
Shriramana
But you'll remember them and it will start making sense in time. Keep asking and keep ignoring the few "stupids" that get thrown around. Your point of educating a child about opening the door to a stranger is right on. We all need to remember we're here to help and get help. Security is a hot topic. Thanks for the excellent discussion. :) Stan
Peter Buckenleib wrote:
Hi Mr(s) Shriramana Sharma
It's Mr. :)
login as root might be dangerous, but some tools provide graphical installers that should to be run as root.
Thanks, but I wish to make clear that I don't want to do stuff like browse the net as root. Just pop in, do stuff with YaST, pop out, and back to user account before touching the net.
To do this i enter 'sux root' in a terminal window, and then i start that tool.
Is there a difference between su and sux? Thanks. -- Shriramana Sharma http://samvit.org
When using su, you cannot start graphical applications. That's because a graphical app has to somewhat authenticate to the graphic server to get allowance to show some graphic. That's a security function, so that no other user (which might be logged in remotely) get show up something on your screen, like a message box "Type in your root password to proceed" and fetch the output. When using sux, the authentication from the running konsole will be inherited to the root shell which you are starting with this command. Now you can start graphical applications as root. This way, you can start a konqueror instance which has root priviledges (not fine, but well, at the end it's not the whole KDE runing as root). For the linux command shell beginnings, I suggest reading the manual of your distribution or google for beginner guides. I did a quick google and found e.g. this one: http://www.merrowinternet.com/downloads/starter.pack/linux.intro.html There are thousand others but all will have this and that command which is different on SuSE and the other way round. Just keep your brain running when trying examples. Best, Daniel Am Mittwoch, 10. August 2005 20:51 schrieb Shriramana Sharma:
Peter Buckenleib wrote:
Hi Mr(s) Shriramana Sharma
It's Mr. :)
login as root might be dangerous, but some tools provide graphical installers that should to be run as root.
Thanks, but I wish to make clear that I don't want to do stuff like browse the net as root. Just pop in, do stuff with YaST, pop out, and back to user account before touching the net.
To do this i enter 'sux root' in a terminal window, and then i start that tool.
Is there a difference between su and sux?
Thanks.
--
Shriramana Sharma http://samvit.org
On Thu, 11 Aug 2005 00:21:41 +0530
Shriramana Sharma
Thanks, but I wish to make clear that I don't want to do stuff like browse the net as root. Just pop in, do stuff with YaST, pop out, and back to user account before touching the net.
Logging in as root, doing some stuff, logging out and logging in as user to do the rest is much to complicated IMHO. That's what sux is for.
To do this i enter 'sux root' in a terminal window, and then i start that tool.
Is there a difference between su and sux?
su won't allow you to start graphical programs. One could "fix" that by hand but sux takes care of all that automatically. Cheers, Ingo -- Ingo Strauch ---- Registered Linux User #227900 (http://counter.li.org/) GPG Key Fingerprint = DEC8 1B12 9573 6BE7 7A99 C33F 809C 8C2C 772E 66A1 http://www.the-one-brack.org/
On Wednesday 10 August 2005 01:51 pm, Shriramana Sharma wrote:
Peter Buckenleib wrote:
Hi Mr(s) Shriramana Sharma
It's Mr. :)
login as root might be dangerous, but some tools provide graphical installers that should to be run as root.
Thanks, but I wish to make clear that I don't want to do stuff like browse the net as root. Just pop in, do stuff with YaST, pop out, and back to user account before touching the net.
To do this i enter 'sux root' in a terminal window, and then i start that tool.
Is there a difference between su and sux?
Thanks.
--
Shriramana Sharma http://samvit.org
There's also the good old stand-by of "ssh -X -l root localhost". That will take care of the xauth for you and has the advantage of working the same across machines simply by changing localhost to the name of the remote machine. -- Kelly L. Fulks Home Account near Huntsville, AL
On Wed, 10 Aug 2005 21:34:44 -0500
"Kelly L. Fulks"
There's also the good old stand-by of "ssh -X -l root localhost". That will take care of the xauth for you and has the advantage of working the same across machines simply by changing localhost to the name of the remote machine.
I used to use this as well. But you need sshd running and you must allow root logins. If you don't take any other measures, this means people from the internet can try to break into your machine (and possibly directly as root as they know the account exists). This might be a bit academic, who knows. But I do know that my syslog is full of entries where people try to login on standard account names through my ssh. Since I've switched to using sux I can disable another service on my PC. Cheers, Ingo -- Ingo Strauch ---- Registered Linux User #227900 (http://counter.li.org/) GPG Key Fingerprint = DEC8 1B12 9573 6BE7 7A99 C33F 809C 8C2C 772E 66A1 http://www.the-one-brack.org/
On Wednesday 10 August 2005 13:27, Peter Buckenleib wrote:
Hi Mr(s) Shriramana Sharma
login as root might be dangerous, but some tools provide graphical installers that should to be run as root. To do this i enter 'sux root' in a terminal window, and then i start that tool. ( Please Mr Miller : don't send another copy of your answer to this)
regards Peter
-- Peter Buckenleib Am Europakanal 8 91056 Erlangen
Tel: 09131 992234 Fax: 09131 791045
Mail: peter.buckenleib@t-online.de
Wow, ouch! has anyone ever loaded LinSpire? My last install defaults to root login, with the 'option' of creating users later. Me thinks this is done to simplify transitioning xp home "all ports open" edition users. I have LinSpire on an older PC and it runs good for a first time Linux user, unfortunately, all in root mode, unless one creates a 'user' account and takes it from there. My first Linux, SuSE 5.x, I think (I don't remember) I ordered with a book and off I went, mostly the hard way, but never KDE as root (I never did like the bomb background) and I did not have this mailing list to go to. Newcomers should be welcome here, word of mouth is the best marketing and I think we all would like to see Linux take over windo....sorry, I can't say it. I wish I was as smart as many of you on this list are, for that reason I monitor it. Thank you and keep up the good work! ;) SuSE 9.3 Carl
On Thursday, 11 August 2005 05:37, Carl Luescher wrote:
Wow, ouch! has anyone ever loaded LinSpire? My last install defaults to root login,
always did...
with the 'option' of creating users later.
Does this work now? When I "tried" it (I actually had to pay for this trial) it would not really work... But this is not the only criticism to Lindows/Linspire. Thierry -- The problem with the world is stupidity. Not saying there should be a capital punishment for stupidity, but why don't we just take the safety labels off of everything and let the problem solve itself? Frank Zappa
participants (23)
-
BandiPat
-
barkos
-
C. Richard Matson
-
Carl E. Hartung
-
Carl Luescher
-
Daniel Eckl
-
Fred A. Miller
-
ianseeks
-
Ingo Strauch
-
James Wright
-
Kelly L. Fulks
-
Mike McMullin
-
Paul Foerster
-
Peter Buckenleib
-
Peter Vollebregt
-
Rainer Krienke
-
Randall R Schulz
-
Richard Atcheson
-
Scott Leighton
-
Shriramana Sharma
-
Stan Glasoe
-
Stephen Boddy
-
Thierry de Coulon