Why I don't like running as root (in Puppy)

For discussions about security.
Message
Author
Testing1.2.3.
Posts: 2
Joined: Thu 01 Mar 2012, 02:14

Solved

#121 Post by Testing1.2.3. »

Not sure if this is only for newer distributions, but you can use

Code: Select all

su spot
This will give you user level access to start applications from the terminal...

This is an older post, but I hope that information helps someone.

I read through some of the pages hoping for a solution.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

Re: Solved

#122 Post by nooby »

Testing1.2.3. wrote:Not sure if this is only for newer distributions, but you can use

Code: Select all

su spot
This will give you user level access to start applications from the terminal...

This is an older post, but I hope that information helps someone.

I read through some of the pages hoping for a solution.

I don't like " running as root (in Puppy) " either.

(Going derail just to explain. I love that I can run as root
this easily on Puppy but I don't like the added risk of being root okay)

But how can something that simple as

su spot

be the end of many years of futile search for a solution?

Sure I would be very happy if it is the solution but that would be
a surprise? I mean the Dev of Puppy has not accepted it or
should I trust them don't know about it?

We have a thread named Fixing Fido maybe you can help out with that
one using the su fido instead?
http://murga-linux.com/puppy/viewtopic.php?t=71358
Test it and give a description of how it solved things?

Friendly smile
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#123 Post by Pizzasgood »

Yeah, we know about spot. That lets you run things as a user on a program by program basis. Using 'su spot' is a good way to safeguard a program that might be hacked, e.g. your browser.

But no, it isn't a real solution to the actual problem caused by lack of multi-user, which is: how to securely share the OS among multiple human users. Multi-user is about protecting the other users of your install, not yourself. If there aren't any other users, then there isn't much point - even if you did run as a limited user, the hacker would have no trouble at all reading your data and setting up his code to run as soon as you log in.

The problem with being root is that IF you have other people using the computer, and the root account is compromised, the hacker can access everybody's data, and can bring down the entire OS if he wants. Giving each user his own account means they can't tamper with the OS and they can't tamper with eachother's files. If one of them gets hacked, the rest are still safe (assuming a strong root password and no other exploits leading to root). That is the functionality that multi-user provides. The 'su spot' technique isn't sufficient to provide that.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
cobelloy
Posts: 204
Joined: Mon 23 May 2005, 07:12
Location: Karratha W.Australia

what am I doing wrong ??

#124 Post by cobelloy »

hi, trying to run chrome - wont run as root, solutions such as the puppy-chrome script here http://murga-linux.com/puppy/viewtopic. ... 17&t=72667 and adding --user-data-dir= option to the google-chrome script will allow it to start but leave it unable to access any google features (gmail, google search etc...) another solution is to edit the binary file /opt/google/chrome/chrome so it no longer checks for superuser status - but I don't know how.

so

I added a user - with a home directory but when I su - user I get permission denied??

uuuggghhhh
please help

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#125 Post by Pizzasgood »

My guess would be that you forgot to make the new user the owner of his home directory, which could be done like this (adjusting for your own particulars):

Code: Select all

chown -R user:user /home/user
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
cobelloy
Posts: 204
Joined: Mon 23 May 2005, 07:12
Location: Karratha W.Australia

#126 Post by cobelloy »

nope - still get same error after running that chown command :(

User avatar
666philb
Posts: 3615
Joined: Sun 07 Feb 2010, 12:27
Location: wales ... by the sea

#127 Post by 666philb »

hi cobelloy

google chrome is working for me using iguleders run as root .pet....

gmail googleapps... search all working
Image
Bionicpup64 built with bionic beaver packages http://murga-linux.com/puppy/viewtopic.php?t=114311
Xenialpup64, built with xenial xerus packages http://murga-linux.com/puppy/viewtopic.php?t=107331

Bruce B

#128 Post by Bruce B »

Flash wrote:Anyone could drive a stake through this thread's heart anytime, by actually proving they had a problem which was caused by running Puppy as root. For instance, a computer that was taken over by malware which couldn't have worked if they hadn't been running as root. Until I see proof that it actually caused a problem, I'm not going to worry my pretty little head over running as root. :lol:
I was running as root, then got up and left the computer running. I helped someone move a sofa bed, and I tore a fingernail. It hurt and the pain lasted.

Slow learner which I must be, I'm still running as root. Still having problems such as spilling beverages on the keyboard.

~

User avatar
pemasu
Posts: 5474
Joined: Wed 08 Jul 2009, 12:26
Location: Finland

#129 Post by pemasu »

Above reminds me of...Dirk Gently's Holistic Detective Agency.
Holistic causalgia explains everything.
Running as root can cause really severe holistic consequences.
Be warned....

linuxbear
Posts: 620
Joined: Sat 18 Apr 2009, 20:39
Location: Las Vegas, Nevada, USA

#130 Post by linuxbear »

Bruce: Is it possible that the root of your recent problem is not Linux?

Post Reply