Page 1 of 4 123 ... LastLast
Results 1 to 10 of 34

Thread: Confirmation dialogue instead of root password for system actions

  1. #1
    Join Date
    Jan 2009
    Location
    Romania, Bucharest
    Posts
    717

    Default Confirmation dialogue instead of root password for system actions

    Although I appreciate the security openSUSE has, one thing I dislike compared to Windows 7 is having to type root's password at least once per login when running a program that requires system access (like entering Yast, opening the software manager, etc). While this is very important on public machines like work computers, it's not needed for home computers where I am the only user, no one touches my computer without asking, and my username's password is the same as root's for this very reason. It's actually less secure... because if a messenger window pops up while I'm looking at the keyboard and focuses without me noticing, I might actually type my password to someone (lol). I prefer the way this is done in Windows 7, where a window with a yes or no button informs me that a program wants to make administrative changes and I must confirm its access (as it keeps bad applications from doing bad stuff).

    Is there a way to make specific users not have to write root's password and simply confirm with an ok / cancel dialogue? If a dialogue without the password isn't possible, can I disable this entirely? Like I said there's no risk of someone catching my computer unlocked and messing with my system (even trying to), so I don't need it unless it's to protect from malware and that sort of thing.
    openSUSE Tumbleweed x64, KDE Framework 5

  2. #2

    Default Re: Confirmation dialogue instead of root password for system actions

    MirceaKitsune wrote:
    > Is there a way to make specific users not have to write root's password
    > and simply confirm with an ok / cancel dialogue? If a dialogue without
    > the password isn't possible, can I disable this entirely? Like I said
    > there's no risk of someone catching my computer unlocked and messing
    > with my system (even trying to), so I don't need it unless it's to
    > protect from malware and that sort of thing.


    You can do it using sudoers. But given that you have already said how
    little you know and how worried you are about potential problems, I
    would suggest you do not use it. Also, for that reason, I am not going
    to explain all the details. If you want to use it then figuring out how
    to set it up will go some way to demonstrating that you are ready to use it.

  3. #3
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,865

    Default Re: Confirmation dialogue instead of root password for system actions

    And added to that, I wonder what you are doing all the time that you need to be root so often. IMHO it must be possible to do your normal work (that is, the things you bought the computer for in the first place) as end-user without changing your role to system manager so often. When I forget about the times I do things as root because I want to help people here on the Forums (recreating their problem or prepariig a working solution that can be copied/pasted directly from the terminal into a post), I think I need root about once a week. Of course more often when I change an openSUSE version, but even then I gather things to be done and then switch to root to do them in one session.

    And I guess, you are allready waiting for a remark like this. We generaly think it is pretty stupid:
    . to use the same password as your (or any) end-user and root;
    . to use root that often in an unorganised way (on Thuesday morning I do system management maintenance tasks if needed), because then happens what you experience, doing it so often that you loose security consiousness;
    . removing build-in security by unarming it with tools like sudo/sudoers to the utmost;
    . doing worse (I will not tell what).

    But, in the end, it is your system, you can do what you like, but please do not ask advice here on how to switch to bad practices.
    Henk van Velden

  4. #4

    Default Re: Confirmation dialogue instead of root password for system actions

    Quote Originally Posted by MirceaKitsune View Post

    Is there a way to make specific users not have to write root's password and simply confirm with an ok / cancel dialogue? If a dialogue without the password isn't possible, can I disable this entirely? Like I said there's no risk of someone catching my computer unlocked and messing with my system (even trying to), so I don't need it unless it's to protect from malware and that sort of thing.
    Code:
    #  grep -A 2 wheel /etc/sudoers

  5. #5
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Confirmation dialogue instead of root password for system actions

    On 2012-09-24 12:46, MirceaKitsune wrote:
    >
    > Although I appreciate the security openSUSE has, one thing I dislike
    > compared to Windows 7 is having to type root's password at least once
    > per login when running a program that requires system access (like
    > entering Yast, opening the software manager, etc).


    In my W7 I have to type the administrator password everytime I try to do certain things. It is
    the same on both sides. :-)

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)

  6. #6

    Default Re: Confirmation dialogue instead of root password for system actions

    Quote Originally Posted by robin_listas View Post

    In my W7 I have to type the administrator password everytime I try to do certain things.
    Jailbreak it!

  7. #7
    Join Date
    Jan 2009
    Location
    Romania, Bucharest
    Posts
    717

    Default Re: Confirmation dialogue instead of root password for system actions

    Thanks for all the replies. Though from the looks of it, I asked something rather immoral for the Linux world and got some weird looks for it I'm still fairly new to Linux so not surprising if I missed anything. But well, since it's a fully personal machine (physically located in my room too) and I have neither friends or relatives that might try to break into it, I don't see why this would be considered insecure. Even so I always lock my session when I leave the room. Scripts or other applications from the web that might automatically try to run programs are my main concern.

    I don't do a lot of activities that require root, but there are some. 90% of the time it's installing or uninstalling something via Yast. Either through the repositories, or by using make-install in the console (which requires root), but for the console I don't mind. I'm also still experimenting a lot with with things in Yast and open the Yast window frequently. Also, I occasionally open Superuser-Dolphin since it's the only way to edit some special folders.

    As for Windows 7 requesting a password whenever doing administrative tasks, that never happened to me. Either you configured Win 7 to ask for a password on such tasks, or I configured mine not to when I installed it years ago and forgot it's not even default. In my case it shows a window and I just click OK.
    openSUSE Tumbleweed x64, KDE Framework 5

  8. #8
    dd@home.dk NNTP User

    Default Re: Confirmation dialogue instead of root password for system actions

    On 09/24/2012 04:46 PM, MirceaKitsune wrote:
    > Scripts or other
    > applications from the web that might automatically try to run programs
    > are my main concern.


    while running openSUSE as yourself if you download an intrusive
    something (script, root kit, keylogger, whatever) it will not be able to
    operate with root permissions....that is, it won't be able to take over
    your entire system...and make it respond to the commands of a foreign
    machine.

    but, if YOU can perform system wide changes without entering a root
    password, so could _anything_ you download, install with a thumb
    drive/CD, get in an email etc etc etc..

    so: be happy to have a naturally more secure system, and don't be so
    keen to make it as easy as Win7, because as you do you also make easier
    to crack and control.

    yes, it takes a little more effort...but, the good side is you don't
    have to buy or run any anti-virus.

    --
    dd http://tinyurl.com/DD-Caveat

  9. #9
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,363
    Blog Entries
    3

    Default Re: Confirmation dialogue instead of root password for system actions

    Here's how I like to describe the situation.

    The reason that I am strict about security, is that I know that if I stop being careful, somebody is going to make a mess of my system.

    Furthermore, I even know who is that somebody. It will be me (in a moment of carelessness).

    As they say:

    To err is human;
    to really mess up, you will need a computer.
    openSUSE Leap 15.1; KDE Plasma 5;

  10. #10
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Confirmation dialogue instead of root password for system actions

    On 2012-09-24 16:46, MirceaKitsune wrote:
    >
    > Thanks for all the replies. Though from the looks of it, I did ask
    > something immoral for the Linux world and got some weird looks for it
    > I'm still fairly new to Linux so not surprising if I missed anything.
    > But well, since it's a fully personal machine (physically located in my
    > room too) and I have neither friends or relatives that might try to
    > break into it, I don't see why this would be considered insecure.


    You forget internet.


    > As for Windows 7 requesting a password whenever doing administrative
    > tasks, that never happened to me. Either you configured Win 7 to ask for
    > a password on such tasks, or I configured mine not to when I installed
    > it years ago and forgot it's not even default. In my case it shows a
    > window and I just click OK.


    I use the recommended practice of NOT running Windows as administrator. If you do then you do
    get the prompt to click ok. You are using Windows incorrectly and dangerously.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)

Page 1 of 4 123 ... LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •