Page 1 of 36 12311 ... LastLast
Results 1 to 10 of 355

Thread: What is the deal with Linux and root/admin privileges in the modern era

  1. #1
    Join Date
    Sep 2012
    Location
    Maryland, US
    Posts
    623

    Default What is the deal with Linux and root/admin privileges in the modern era

    Quite a griping title ehh??

    I want to start this post with a quote, it happens to be from another member who I holy respect and have gotten tons of great information from.

    .... and there will come lots of times when you will be glad that the mistake you made doesn't have "undesired system consequences" because you're just a user.
    So obviously this idea has been hashed out many times before by many people but sometimes we all get in a groove and all sing the same song even though there are better ideas.
    A user is a user is you and me and everybody, we need to cater to our users and that means me and you and yes I realize this is a multi-user system.

    I think there should be a Linux distro to give the "user" a nice secure system without all the hassle. Maybe its a Mac

    Seriously here is the simple idea, Why don't we authenticate once for all tasks?
    It seems ridiculous to me that we need to have authentication for every task into all time on my own computer.
    So I check out the warning that installing new software may harm my system, why do I need to see that 100 times?

    We are never going to be able to save everybody from mucking up there computer no matter how many warnings we give them.
    So why not go with the majority and and figure everybody is good.

    Why are we doing anything with application installs that need authentication? We need to move the whole application install to a new dharma in Linux. Everything needs to be in the home folder and then only communicate with those libraries they are registered for.

    Why do I need to authenticate to yast when messing with a joystick?

    Really, linux needs to be looking to the future and find a new easy way for security besides what everyone is doing now.
    Kernel: 4.12.14-lp150.12.7-default x86_64 bits:
    64 Desktop: Gnome 3.26.2
    Distro: openSUSE Leap 15.0

  2. #2
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,044

    Default Re: What is the deal with Linux and root/admin privileges in themodern era

    On Wed, 30 Jan 2013 18:36:01 +0000, anika200 wrote:

    > Why don't we authenticate once for all tasks?


    Security.

    Malware trying to do stuff being able to escalate privileges without
    asking for it is a wonderful way to destroy a system.

    It's the same reason you don't just log into the desktop as root.

    Jim

    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

  3. #3
    Join Date
    Mar 2009
    Location
    United States
    Posts
    612

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    I think Linus Torvalds was up in arms about this as well. Except he actually reported bugs and the issue was fixed.

  4. #4
    Join Date
    Sep 2012
    Location
    Maryland, US
    Posts
    623

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by nightwishfan View Post
    I think Linus Torvalds was up in arms about this as well. Except he actually reported bugs and the issue was fixed.

    Fixed?? I am doing this today. Did they just fix Linus copy?

    I really did not know this was an issue with openSUSE. From my experience this is basically a linux wide "problem".
    Kernel: 4.12.14-lp150.12.7-default x86_64 bits:
    64 Desktop: Gnome 3.26.2
    Distro: openSUSE Leap 15.0

  5. #5
    Join Date
    Sep 2012
    Location
    Maryland, US
    Posts
    623

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Malware trying to do stuff being able to escalate privileges without
    asking for it is a wonderful way to destroy a system.
    So how does this make it more secure? If I want to use the Joystick and you need to put password in???? Then couple seconds later it asked for password again, I would enter it again. This is normal behavior as you could suspect a machine error or whatever.
    Kernel: 4.12.14-lp150.12.7-default x86_64 bits:
    64 Desktop: Gnome 3.26.2
    Distro: openSUSE Leap 15.0

  6. #6
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,884

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    I do not quite understand you. I am working for the whole day now and apart from giving my uername and password at my login (using KDE), I had to enter no other password then that of Kwallet, which then filled in the credentials of my mail providers and the Forums and my banking account and ....

    Normaly once a week I play the system manager and have maintenance time. I start YaST, give the root password and then do online update and maybe update Packman packages.

    I also manage my wife's system. She does not ven know the root password. Nevertheless she is able to do all the meanial tasks a normal end-user may see coming his/her way.
    Henk van Velden

  7. #7
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,044

    Default Re: What is the deal with Linux and root/admin privileges in themodern era

    On Wed, 30 Jan 2013 19:26:01 +0000, anika200 wrote:

    >> Malware trying to do stuff being able to escalate privileges without
    >> asking for it is a wonderful way to destroy a system.
    >>
    >>

    > So how does this make it more secure? If I want to use the Joystick and
    > you need to put password in???? Then couple seconds later it asked for
    > password again, I would enter it again. This is normal behavior as you
    > could suspect a machine error or whatever.


    For system configuration items, yes (as was pointed out, Linus made noise
    about this and it has improved - in his case it was about configuring a
    printer).

    I was speaking in general terms - doing things that require root
    privileges require a password, and changing hardware configuration
    requires root privileges, so it requires a password to make those changes.

    Generally speaking, though, prompting for a password is more secure than
    not prompting for a password. It prevents privilege escalation (as I
    said) without the user's knowledge.

    It's like using sudo at the terminal prompt. You /can/ configure it to
    not prompt for a password, but that's not a best practice because if you
    run a script that does somethign nefarious, it can just "sudo ./
    breakmymachinenow.sh" and poof - your machine is broken.

    Now I don't know about you, but I would actually prefer to be asked
    before a rogue script or program destroyed my machine so I could /
    prevent/ that from happening.

    Jim

    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

  8. #8
    Join Date
    Jun 2008
    Location
    UK
    Posts
    5,500

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by hcvv View Post
    I do not quite understand you. I am working for the whole day now...
    What, no joystick? Wild guess - you don't need one.

  9. #9
    Join Date
    Sep 2012
    Location
    Maryland, US
    Posts
    623

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    I had to enter no other password then that of Kwallet,
    Please take note, no offense meant to any obverse opinions this is a mental exercise for a better future.

    Well thats something to start with,Why does kwallet need my password every day for my email? Its the same flippin password every time of every day of every time and I need my email every day and it will never change. If I do want to change it then maybe a request for password would be appropriate.

    I was just wondering if we can come up with something better rather than going through the same thing we have been doing and what everyone defends?
    Kernel: 4.12.14-lp150.12.7-default x86_64 bits:
    64 Desktop: Gnome 3.26.2
    Distro: openSUSE Leap 15.0

  10. #10
    Join Date
    Jun 2008
    Location
    Groningen, Netherlands
    Posts
    19,662
    Blog Entries
    14

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Anika, the thought is simple the way it was explained to me in my early UNIX training days:

    System -> root
    Using the system -> user

    That way, a program run as a user, cannot touch the system.
    ° Appreciate my reply? Click the star and let me know why.

    ° Perfection is not gonna happen. No way.

    https://en.opensuse.org/openSUSE:Board#Members
    http://en.opensuse.org/User:Knurpht
    http://nl.opensuse.org/Gebruiker:Knurpht

Page 1 of 36 12311 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •