If one has Firefox -or any other web browser- with opened login sessions (say, in gmail, yahoo, twitter, or any forum), an IRC client, and an opened terminal session as the root user, all running at same time, how risky/exploitable is one becoming?
I have never had way of telling “yes” or “no”, nor being able to find answers in other forums, so I always have to be careful to run just and only one application of the kind at the same time. Needless to say this sometimes becomes a bit unefficient.
But since I’d like to try Emacs for text editing and trying its own inbuilt IRC client, but I use command line very often either as standard user and root user…
So,
In the first place a little bit of fundamental 32bit/64bit architecture is necessary…
You should know that although there is a physical memory map, the OS presents a pristine virtual memory space to every running application. That means that although you always will have multiple apps and services running on your machine, every application will think it’s running all by its lonely self with all the memory in the world all for its own use. No application will generally see any other application unless there is a specific reason for that to happen.
And then, the OS will manage and co-ordinate each and every one of these virtual memory spaces, mapping actual use to the physical memory map.
So, each application can’t really see what is happening elsewhere on your machine.
Although this is the way things generally work, for the most part everything is designed to maximize performance with less priority on security to make sure everything is responsive. If for some reason you want to impose a higher level of security, you can run your apps in cgroups (eg Docker or LXC) or virtualized machines.
Bottom line is that…
If you for instance run multiple web browsers, what you do in each web browser should generally be isolated from what is done in another web browser because they won’t likely share any application code, and can be considered securely isolated against general, higher level intrusion. But, if you want a more certain level of isolation, then you need to do something else, like Docker or LXC (or various other possible options).
Note when running multiple instances of certain apps like console apps (Emacs of course is one) that systemd will share some common code between multiple instances of the same app. So, there are a few special considerations like this.
For a start, as long as you do not run any of those other programs as root, but only have a terminal windows running as root, you are pretty save. In any case, you would use that root terminal session only for a short time I assume.
By chance, do you mean the Swap partition in general Linux, and those strange hidden temp files in Windows?
Yes, generally I procure to use root sessions in general (terminal, yast…) for a short time, although IIRC time gets longer whenever doing update or installation tasks. But for these cases it’s anyway suggested to close applications, right? But, hypothetically, can there be consequences if for some reason time as root got longer?
Also, wouldn’t tsu2’s argument slightly contradict what you said?
“When running multiple instances of certain apps like console apps systemd will share some common code between multiple instances of the same app.”
When the same program is loaded several times in memory (several processes), if used by the same user or another, the code pages will be shared (and they will be read-only). Data pages will be separate of course and be protected from each other.
The protection of code pages against each other (overflow of their boundaries) is as old as real multi-process operating systems and can be taken for granted I assume (when not, you better try to run a single process, not network connected system for yourself in a dark room with all doors locked).
While it is general not a bad idea to to organize an “update window” during which your users are encouraged (or maybe even forced) to log out during system maintenance, the impact from updates depends on what is updated.
In general an update involves replacing of files by the same files of the newer version. In Unix/Linux, removal of the old file means that it’s entry in the directory is deleted, but the inode and the data blocks are only freed after the last process using the file closes the file. In the meantime the new file is created and a new entry in the directory is made. This means that a running process will continue using the old file, while a new process of the same program will be started from the new file. They can happy run alongside each other.
But with more complicated programs that open and close files during running, it is then possible that a combination of files from before and after the update is used (think of the old executable using a newer central configuration file, or an old kernel loading a newer module). In general the changes are not that big that it matters, but it is the main reason to “advice” a reboot after a kernel update. And the same “advice” to restart some programs, or the desktop (desktops are of course a good example of a bunch of programs/files working together) depending on what is updated.
BTW, I do not understand what “systemd” has to with it in the text you quote above. I guess this is a typo and that “kernel” is meant instead.
Took a while to understand all the details; thanks very much.
When mentioning “systemd” I was just quoting mr tsu2, but I’m a bit surprised by your comment: systemd is really the “global process manager” of the entire OS, isn’t it? So it would be related as well…
So in the end, does all of this mean “as long as you do not run any of those other programs as root, and only have one terminal window running as root, there’s virtually no risk”? Firefox opened sessions, IRC, or even root session in one separated terminal window cannot really overlap?
Can there be consequences if for some reason time root terminal session lasts longer?
This is more about best practice than absolutes. It’s through the possible existence of a kernel vulnerability or similar that a hacker might gain control of a PC running a root process. Though the chances are small (provided you keep your system fully-updated) there are always risks of a system being compromised. An informative article on the subject
In a SysVinit system, when you run multiple instances of an app, each instance is run in its own virtual memory map without sharing any application resources with any other instance.
One of the efficiency improvements in systemd is for multiple instances of the same application to share a common core functionality, then assign a different virtual memory map for anything unique to the instance.
But, that only applies to running multiple instances of the <same> app.
If you’re running different apps, there are no shared resources.
I don’t think you are grasping the idea of virtual memory usage in computing, the Wikipedia entries that follow describe basics. The additional concept I don’t notice covered is that the virtual memory available to any process is completely uncluttered with competing processes, the process can function as though it is the only one running, completely unaware of anything else that is running
So even if I had 2 terminal windows at same time, one using irssi or emacs and the other one using a root session, I would still not be very at risk since only the terminal program “source code” is being shared, yet not the particular data of the activities being done in each terminal instance?
@deano_ferrari:
I probably misunderstood, just as always… does the article slightly look like a “didactic exercise” for self autoexploting?
In my stress I mistyped my root password when trying to do su in terminal. I got “login failed” message or something like that. Tried again and I entered. But I got nervous and rebooted system.
Does making mistakes in typing passwords for su or other stuff makes me vulnerable/exploitable, or cause damage to the local OS?
I think you are a bit too nervous. Mistyping a password is just that. You get a message and then you may try again. That is no disaster. People are mistyping all sorts of things, including passwords all of the time. And why rebooting would be a cure to that is beyond me. That is like destroying your house and build a new one because you tried to use the wrong key on the front door. The correct thing to do is use the correct key then.