root mode: heresia? ... and more largely security

Non release banter
User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

root mode: heresia? ... and more largely security

Post#1 by francois » 02 Oct 2015, 20:16

I have been working in root mode since about 10 years now with porteus or slackware based os. Even surfing on the net. It does not seem that my identity was stolen. I did not get virus or at least not that I am aware. I do not keep my data on the computer but on a usb.

However, each time I write on some other forum about that way that I have to work with linux, I almost get crucified.

So please do not call me an heretic. I hate using sudo or su all the time with these task that are my daily chores.

However, lets look at the reasonable and the worst scenario. No arbitrary judgments here, only statements that could be observed or described: only facts.

This said your commentaries are appreciated.
Prendre son temps, profiter de celui qui passe.

donald
Full of knowledge
Full of knowledge
Posts: 2064
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: root mode everywhere: heresia?

Post#2 by donald » 02 Oct 2015, 23:15

logging in as guest protects you from one person - yourself
it simply adds an extra level of security.

--> I do not keep my data on the computer but on a usb.<--..Thus, one should do it.
------------------------------------------------------------------------------
Restrictions are useful on multi-user systems.
You may want to protect the computer from the users.
-------------------------------------------------------------------------------
btw.
It's no problem if you use a root running live CD.
The medium CD can not become compromised.

User avatar
brokenman
Site Admin
Site Admin
Posts: 6105
Joined: 27 Dec 2010, 03:50
Distribution: Porteus v4 all desktops
Location: Brazil

Re: root mode everywhere: heresia?

Post#3 by brokenman » 03 Oct 2015, 02:36

Each to his own. Were you being crucified on a forum where people run distros from a hard drive on a real file system? These people have a point in that (for example) giving a buggy internet browser root access to your stuff is asking for trouble. Personally I don't boot as root, but mostly work in CLI where I su to root, and more than once have been too sleepy and made an error. Booting to guest doesn't even save me from myself sometimes. I have created habits where a mistake as root is not so serious. In the end on a 'one user' system the choice is completely yours and nobody else should feel the need to tell you how to run your own show. They can go root themselves (or not if they so choose).

## sudo end rant
How do i become super user?
Wear your underpants on the outside and put on a cape.

User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

Re: root mode everywhere: heresia?

Post#4 by francois » 03 Oct 2015, 04:53

@brokenman:
Personally I don't boot as root, but mostly work in CLI where I su to root, and more than once have been too sleepy and made an error
Once in a while when I am on one of these non-root distros, I su than thunar or whatever program. I do survive. Maybe it is just a question of doing it regularly.

So you find browsing in guest mode almost safe. Is this really safe with a distribution like porteus?

@donald:
I have the impression that you would not even boot and browse as guest. Am I right?
Prendre son temps, profiter de celui qui passe.

donald
Full of knowledge
Full of knowledge
Posts: 2064
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: root mode everywhere: heresia?

Post#5 by donald » 03 Oct 2015, 11:22

@francois
Well, I'm (always) logged in as guest and I su to root if I need to.

Now let us think about what can happen.
1st scenario...logged in as root:
If someone would be able to go past your router and/or Firewall and a crappy Program
gives him/her access to your system he/she could manipulate
a) the system Files
b) steal your personal Files (credit-card, passwords etc)

2nd scenario....logged in as user (guest)
The attacker would be logged in with your user ID, means he/she could not
manipulate the system Files, but he/she would still have access to all your
personal Files/Data,

You see, the only important thing is not to have any important / sensitive
Files on the system because it make no difference.(root or guest.)

I only take care for my personal Data, the system can be restored in Minutes.
And porteus is special because you do not have a static Filesystem on a HDD
and the Modules are read only (are they?).

cttan
Shogun
Shogun
Posts: 333
Joined: 26 Jan 2011, 16:15
Distribution: Porteus 3.2 and 4.0 64bit KDE
Location: Malaysia

Re: root mode everywhere: heresia?

Post#6 by cttan » 03 Oct 2015, 13:28

Hi francois,

I'm also a 100% fully root person.

User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

Re: root mode everywhere: heresia?

Post#7 by francois » 03 Oct 2015, 13:37

@cttan:

This is a great releif. Do you do something in peculiar to survive? :)
Prendre son temps, profiter de celui qui passe.

beny
Full of knowledge
Full of knowledge
Posts: 2086
Joined: 02 Jan 2011, 11:33
Location: italy

Re: root mode everywhere: heresia?

Post#8 by beny » 03 Oct 2015, 14:42

hi, yes, an iso of the running system,btw better to use the guest account but i can't see myself in third person,

cttan
Shogun
Shogun
Posts: 333
Joined: 26 Jan 2011, 16:15
Distribution: Porteus 3.2 and 4.0 64bit KDE
Location: Malaysia

Re: root mode everywhere: heresia?

Post#9 by cttan » 04 Oct 2015, 02:06

@francois
I clear browser cache whenever I login to a bank site.
Other than that save data on USB. Most of the time I'm behind a router.
Normally my Porteus session last a few days. But the current session has lasted for 24 days.
I like to reboot my Porteus session. :twisted:

Bogomips
Full of knowledge
Full of knowledge
Posts: 2564
Joined: 25 Jun 2014, 15:21
Distribution: 3.2.2 Cinnamon & KDE5
Location: London

Re: root mode everywhere: heresia?

Post#10 by Bogomips » 04 Oct 2015, 20:39

cttan wrote:Normally my Porteus session last a few days. But the current session has lasted for 24 days.
I like to reboot my Porteus session. :twisted:
24/7 x 24 :shock: Energy consumption or contribution to detriment of environment, looks like overlooked. Own sessions last till day's end, unless having outside commitments, in which case it becomes two sessions per day. And I know brokenman's sessions last about a day, as he always has to avoid stubbing his toe while making his way from computer to bed. :roll:
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB

User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

Re: root mode everywhere: heresia?

Post#11 by francois » 04 Oct 2015, 20:58

@cttan:
I clear browser cache whenever I login to a bank site.
I do the same as proposed by my bank.

I do not work from always fresh mode, but with persistance (changes=). Do you?

However, there is more to it. If you run with google-chrome or chromium as root. It seems that running with:

Code: Select all

google-chrome --user-data-dir

could be a bad habit, especially under windows. But what about linux?
Personally, I never had real problems.

Which browser do you use?

My most recent version of google-chrome as to run without sandbox which is said to be a security risk:
http://www.insanitybit.com/2013/04/29/e ... x-sandbox/
http://forum.porteus.org/viewtopic.php? ... 340#p37340
Prendre son temps, profiter de celui qui passe.

Bogomips
Full of knowledge
Full of knowledge
Posts: 2564
Joined: 25 Jun 2014, 15:21
Distribution: 3.2.2 Cinnamon & KDE5
Location: London

Re: root mode everywhere: heresia?

Post#12 by Bogomips » 24 Jan 2016, 15:51

Talk about chaos theory. Well something like that happened to me. Having updated iso to have kernel 4.4.1, noticed my changes being saved despite kernel parameter changes-ro to update on startup only. This being presumably caused by bug in new initrd. Normally run in Always Fresh mode, and so do not worry about having irrelevant files cluttering the system at next session start. Owing to changes being saved, decided to get rid of three or four files before reboot, selected with file manager, did not notice untoward with request for permission to delete four items, hit OK, and imagine utter shock when informed in process of deleting over 500 files! :shock: Shock and panic. mnt/sda1 had also for some reason been selected, which had not noticed, and on top of that /mnt/sda1 had for some reason in the past changed ownership to guest, which I only found out afterwards. Thank God /tmp could not be deleted, at which point was given the choice to cancel. Now if had been root there would be no system left to reboot. Also better to delete files by hand, as file manager will not stop at directory, but also delete it. Needless to say have now changed ownership of /mnt/sda1 to root 8)
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB

donald
Full of knowledge
Full of knowledge
Posts: 2064
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: root mode everywhere: heresia?

Post#13 by donald » 24 Jan 2016, 16:57

^
Nice Story...shit happens all the Time and everywhere.
That's why I cannot stop preaching:
Backup whole Drives
Backup Partitions
Backup Files
Backup Backup Backup Backup...
But as always, nobody does it until it crashes.

The idea of "Educating Users" seems less than dumb: education is always good.
On the other hand, if it was going to work, it would have worked by now. :)

User avatar
brokenman
Site Admin
Site Admin
Posts: 6105
Joined: 27 Dec 2010, 03:50
Distribution: Porteus v4 all desktops
Location: Brazil

Re: root mode everywhere: heresia?

Post#14 by brokenman » 24 Jan 2016, 21:17

Yes. I read somewhere ... there are two types of people. People that make regular backups, and people that have never had a hard drive crash.
How do i become super user?
Wear your underpants on the outside and put on a cape.

User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

Re: root mode everywhere: heresia?

Post#15 by francois » 25 Jan 2016, 11:43

I have always had backups of the essential stuff on usb key and on external hdd.

Since a month I have decided to use in root mode the normal user to start google-chrome:
su -c google-chrome guest
Prendre son temps, profiter de celui qui passe.

Post Reply