Re: Is this why you shouldn't log in as root?
On Mon, Apr 28, 2003 at 01:03:03PM -0400, alex wrote:
> Assume that you log in to Gnome as a user, call up a
> terminal and then do su or sudo.
>
> Does this give root access to Gnome or is root's
> operation restricted to what it does in the
> terminal while user can still operate in Gnome?
More-or-less. If the gnome terminal was somehow malicious, then it
could use the newly su-ed access for nefarious things, but I doubt this
is really a consideration (especially what you're doing).
> My thinking is that since user doesn't have the
> permissions that root has, user can't do as much
> damage in Gnome that root could. So, by not logging
> root in to Gnome (or KDE), root doesn't have the
> opportunity to do any damage.
Correct. In fact, this is the way you are *supposed* to do things. Do
all your work as user, except what you have to do as root. Use 'sudo' for
things you'd need to do repeatedly (like running a backup script after
manually loading a tape), and 'su' for the times when you need a root
shell.
Only time you should *ever* log in as root (not with 'su' or 'sudo') is
when doing system maintenance.
--
Don Werve <donw@examen.com> (Unix System Administrator)
Yorn desh born, der ritt de gitt der gue,
Orn desh, dee born desh, de umn bork! bork! bork!
Reply to: