Puppy is great except running as root?

For discussions about security.
Message
Author
TheTick
Posts: 7
Joined: Sat 15 Nov 2008, 00:31

Puppy is great except running as root?

#1 Post by TheTick »

Hi,

I've tried Fedora, OpenSuSE, Mint Linux and was disgusted by the performance I got on my 900Mhz PIII 320G laptop. Damn Small Linux is nice but would take too much of my time to setup all the apps I would like to use. I just want to browse websites with firefox and look at email and dabble with basic Linux system admin.

I quickly installed Firefox and switched the menu fonts to something reasonable with the GTK theme chooser. Also I enabled the autohide in the .jwmrc-tray file. Afterwords I found the GUI config tool for jwm. Finally I setup my Prism 2 wireless card. All straight forward tasks that are not trivial for new Linux users.

As a long time UNIX user and backup sys admin as far back as 1992, I was a little disturbed puppy defaults to run as root? Now I know how to add users and can set that up , but root as default seems like a poor choice for security. Is there a reason root is the default?

User avatar
HairyWill
Posts: 2928
Joined: Fri 26 May 2006, 23:29
Location: Southampton, UK

#2 Post by HairyWill »

Will
contribute: [url=http://www.puppylinux.org]community website[/url], [url=http://tinyurl.com/6c3nm6]screenshots[/url], [url=http://tinyurl.com/6j2gbz]puplets[/url], [url=http://tinyurl.com/57gykn]wiki[/url], [url=http://tinyurl.com/5dgr83]rss[/url]

User avatar
alienjeff
Posts: 2265
Joined: Sat 08 Jul 2006, 20:19
Location: Winsted, CT - USA

#3 Post by alienjeff »

OFFS ... the holy war that seems to never end. FMI, check:

http://www.murga-linux.com/puppy/viewto ... 1ce314c1bd
[size=84][i]hangout:[/i] ##b0rked on irc.freenode.net
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]

Bruce B

#4 Post by Bruce B »

As a Unix user you know what Multi-Tasking, Multi-User machines are.

I trust me as root.

Like yourself, about all I'm really interested in, in terms of connectivity applications is the browsers. I do that as spot.

su spot
cd
. b -> .bashrc


And limited user spot has a full repertoire of alias, scripts, directories and etc. All which I made.

And spot runs the browsers. Also spot can run nearly all the apps, if I want, except some daemons. Then there are other users, seven or eight by default.

User avatar
alienjeff
Posts: 2265
Joined: Sat 08 Jul 2006, 20:19
Location: Winsted, CT - USA

Re: Puppy is great except running as root?

#5 Post by alienjeff »

Please excuse my earlier haste, but this issue keeps coming back to life. And quite honestly, it gets a little tired.
TheTick wrote:Is there a reason root is the default?
My knee jerk answer to this is "to aid in simplicity of design." Instead of trusting the opinion of a mere user like myself, you might be interested in what the developer has to say.

Scroll down to Q: Security concerns on Barry's FAQ page. He goes on to reference this rather contentious, tedious, and protracted thread.

Hope that helps.
[size=84][i]hangout:[/i] ##b0rked on irc.freenode.net
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#6 Post by cthisbear »

" My knee jerk answer "

But booted that one home AJ.
Good one.

What I would like to know is if all those
advocating this type of - Security -
actually shred all their post addressed letters,
bank statements, utilities bills etc
to stop anyone going through their garbage and using
all this freely available info to defraud people.

No firewalls etc in the old garbo bin.

If I want root I'll get out my gardening fork.

Chris.

TheTick
Posts: 7
Joined: Sat 15 Nov 2008, 00:31

#7 Post by TheTick »

Yes I do shred all my mail. Anything with my address and/or name.

BTW I did read Barry's response and he does make sense in that puppy is NOT a server and all data except on your sfs files is read only. I just fear people see this and not understanding the unique puppy criteria think its OK for all Linux machines to boot to root.

Thanks for all the details .. and I will be running my browser and eamil client as spot. Thanks!

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#8 Post by Flash »

I'm still waiting for a report - from anyone anywhere, using any Linux distro - of a problem they had that would not have happened had they not been running as root. Without actual experience to analyze, we're just wasting our time guessing the worst that could occur.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=69321][color=blue]Puppy Help 101 - an interactive tutorial for Lupu 5.25[/color][/url]

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#9 Post by cthisbear »

" Yes I do shred all my mail. Anything with my address and/or name. "

Fair enough................Chris.

bugman

#10 Post by bugman »

Flash wrote:I'm still waiting for a report - from anyone anywhere, using any Linux distro - of a problem they had that would not have happened had they not been running as root. Without actual experience to analyze, we're just wasting our time guessing the worst that could occur.
i deleted an essential file once, because i am an idiot

i suppose i could have deleted the file in a multi-user system too, but it would have taken longer

root still wins!

[more efficient idiot]

tw296
Posts: 51
Joined: Thu 13 Nov 2008, 18:33

#11 Post by tw296 »

Nth hand this one admittedly. But someone attempts to clear out a directory with

Code: Select all

rm -fr *
Problem is, there's some keymap issues, so he actually does

Code: Select all

rm -fr ~
. On this system, root's homedir was /

Bye bye system.

Also I seem to recall there's a gotcha with rm where something can match '..' (the parent directory) unexpectedly.

Finally, I don't have a major problem with puppy defaulting to root. What I have a problem with is it seems to make it inordinately difficult to login as NOT root.

Bruce B

#12 Post by Bruce B »

tw296 wrote:Nth hand this one admittedly. But someone attempts to clear out a directory with

Code: Select all

rm -fr *
Problem is, there's some keymap issues, so he actually does

Code: Select all

rm -fr ~
. On this system, root's homedir was /

Bye bye system.

Also I seem to recall there's a gotcha with rm where something can match '..' (the parent directory) unexpectedly.

Finally, I don't have a major problem with puppy defaulting to root. What I have a problem with is it seems to make it inordinately difficult to login as NOT root.
In your if scenario, you are talking about a stupid or possibly an intentionally destructive user.

Don't let stupid users use your computer, they can get their own to mess up.

If it be intentionally destructive, it wouldn't matter what OS or how it was configured. You would pretty well have to put the computer out of access.

For example, some companies have their really important servers and other computers in air conditioned rooms, which only the administrators and probably the owner has keys to.

disciple
Posts: 6984
Joined: Sun 21 May 2006, 01:46
Location: Auckland, New Zealand

#13 Post by disciple »

I still think the best answer is Nathan's tinfoil hat article (BTW he actually converted Grafpup to a multiuser system).
I'm still waiting for a report - from anyone anywhere, using any Linux distro - of a problem they had that would not have happened had they not been running as root.
That's pretty much what I say every time someone mentions this.

tw296 - we want real world examples of something someone has done, not theoretical examples of what they can do :)
What I have a problem with is it seems to make it inordinately difficult to login as NOT root.
The reason this is so is because no one has taken the time to make it easier. Perhaps you would like to volunteer? There are some people who would thank you.
Last edited by disciple on Wed 07 Oct 2009, 06:51, edited 1 time in total.
Do you know a good gtkdialog program? Please post a link here

Classic Puppy quotes

ROOT FOREVER
GTK2 FOREVER

tw296
Posts: 51
Joined: Thu 13 Nov 2008, 18:33

#14 Post by tw296 »

Bruce B wrote:In your if scenario, you are talking about a stupid or possibly an intentionally destructive user.

Don't let stupid users use your computer, they can get their own to mess up.
It makes sense to accept that anyone, while not stupid, can and will make mistakes. This includes ourselves. And actually, I have hosed my system while running as root - though what I was doing couldn't NOT have been done as root. I was working from a live cd trying to copy everything from my root partition to somewhere else for a backup; naturally, this can't be done from within the system. It failed, so I went to delete it, but was in the original not the backup when I did the rm -fr *. Kerblam.

Also, seeing as how Grafpup is a multiuser system - can't we (by which I mean me if I get the time) backport whatever changes make that possible to Puppy?

EDIT: Yes, Ubuntu's default setup is stupid. I change things so that sudo wants the ROOT password, that should make things a bit more secure (though how much?), though it defeats the real point of sudo - but who uses its full power on desktop systems anyways?
In any case, being 'as secure as Ubuntu' is hardly something to brag about. Remember that openssh bug? Inherited from Debian, true. But it shows that even Free Software can have seriously nasty things lurking in it that don't get picked up.

Making Puppy not run as root would shut up a huge amount of the forum questions. It's easily the most asked question about the distro.

In most distributions, the effort required to not run as root is so minimal that even if the security advantage is small, it's still worth doing. In Puppy that's not the case - running as root requires effort on the user's part, and it's perhaps effort not well spent. But I have yet to see any argument that running as root is MORE secure than not doing so.

disciple
Posts: 6984
Joined: Sun 21 May 2006, 01:46
Location: Auckland, New Zealand

#15 Post by disciple »

In most distributions, the effort required to not run as root is so minimal that even if the security advantage is small, it's still worth doing.
Maybe for you, but for me it is not worth it - I just find it annoying :)
Also, seeing as how Grafpup is a multiuser system - can't we (by which I mean me if I get the time) backport whatever changes make that possible to Puppy?
Well I'm not sure how much would be easy backporting and how much you would have to do from scratch. Grafpup 2 is a lot more different from puppy than Grafpup 1.x (which wasn't multi-user) was, and is also closer to the Puppy 2.x series than 4.x. So it wouldn't be a simple matter of copying and pasting.

I don't think there would be any big disadvantages (size or whatever) in Puppy having multi-user ability, so no one should complain about it.

You might like to:
1. ask around for people that are running Puppy as something other than root, and see what they had to do. There has been at least one forum thread about how to do it, but I don't think it was the sort of complete solution you would want.
2. talk to Nathan and see if he has any more notes or advice.
3. talk to the people working on Puppy. WhoDo is coordinating the next 4.x release, but this might be too big a change for it, so it may have to wait a release. I think there are also people working on new 3.x and 2.x releases, but IMNSHO the future is with 4.x
Do you know a good gtkdialog program? Please post a link here

Classic Puppy quotes

ROOT FOREVER
GTK2 FOREVER

Bruce B

#16 Post by Bruce B »

tw296 wrote: But I have yet to see any argument that running as root is MORE secure than not doing so.
Things can be put on par in many ways.

Puppy is a multi-user operating system.

Is there a connectivity application you don't want to run as root? Then don't, run it as another user.

Also, no reason anyone needs to run the terminal emulator as root either, except by user choice.

User avatar
DaveS
Posts: 3685
Joined: Thu 09 Oct 2008, 16:01
Location: UK

#17 Post by DaveS »

Root FOREVER!!!!!!!!!!!!!!!!!!
Spup Frugal HD and USB
Root forever!

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

I am a tree, I am root

#18 Post by Lobster »

Making Puppy not run as root would shut up a huge amount of the forum questions.
Ignorance of noobs [bless them] is not a reason. :)

To give you another example of a way Puppy is different.
New users run Puppy from CD (or DVD for extra speed) it runs fine and they can save their configuration to HD.
In the back of their heads (I used to have this), they insist that Puppy must be installed to hard disk. It is the way things are done after all . . .
Is it?
I gave up installing Puppy to HD several years ago. I run from DVD. Fast simple convenient. No spots before the eyes . . .
Forum admin Flash, runs from Multi-session quite happily.

The problem with 'root is bad' is people repeat it as a mantra without knowing why it is bad. On a shared network it makes perfect sense. That is where the mantra started. When people had Unix terminals.
We are Puppy and we have our own computers. Some of us even use them without wearing white coats.

If I was a tin-hat (terminal paranoid) I might change the permissions on my HD or encrypt my data or get a retina scan door for my computer room.

Pah!

. . . Meanwhile copyrighted material, government documents and peoples private facebook images are freely available . . .

The world is becoming transparent. I float up into the cloud . . . I am a tree, I am root
[my psychiatrist has been auto-dialled]
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

Bruce B

#19 Post by Bruce B »

If the dangers of rm -rf is of actual concern, it is not the end of the story, not for me anyway.

Code: Select all

alias rm='echo rm is disabled, use del or deltree instead'
Type this on the command line and see what you get. It disables using the rm command on the command line. It tells you to use del or deltree instead. Put it in .bashrc and you will not have to type it thrice.

Aliases have precedence on the CLI, but not in scripts, so it won't break the scripts written to use rm.

del

Code: Select all

#!/bin
# file name del
# purpose to prove a point
# script tested, extra rm switches cannot be added and used
# forces confirmation for each file deletion
# can delete multiple files on one command line
# would be good to test in several ways, but purpose is to prove a point

for i in "$@"
do
if [ -f $i ] ; then
rm -i $i
fi
done
deltree

Code: Select all

#!//bin/sh
# filename deltree, deletes directories and contents
# requires two user confirmations just for fun, could make it ten
# purpose: simple script to make a point
# note: could probably be used after testing and debugging
# script not tested so don't use it as is

if [ ! $1 ] ; then
echo "The directory name to be deleted is required, no changes made"
exit
fi

a=n

if [ ! -d $1 ] ; then
echo "The directory $1 doesn't exist, exiting, no changes made"
exit
else
echo "Are you sure you want to delete $1 and all it's contents [y,n]?"
read a
fi

if [ "$a" = "y" ] ; then
echo "One last chance! Are you really sure you want to delete $1 [yes,no] ?"
read a
else
echo "Exiting, no changes made"
fi

if [ "$a" = "yes" ] ; then
echo "Too late, we gave you two chances and you blew it."
echo  "$1 is history"
rm -rf $1
else
echo "Exiting, no changes made"
fi
One last point. Root can make files read only, and even root can't delete them.

One last, very last point, root can build a system from scratch, root can modify a system to administrator specifications, root is administrator and in control.
Last edited by Bruce B on Wed 19 Nov 2008, 09:48, edited 6 times in total.

Bruce B

#20 Post by Bruce B »

tw296 wrote: Making Puppy not run as root would shut up a huge amount of the forum questions.
That would be a sad day. If it weren't for posts questioning running as root, what would be the stimulus for arguing in its behalf?

Post Reply