TSce 3.3ce-session manager? optionally not run as root

A home for all kinds of Puppy related projects
Post Reply

Do you think a session manager is needed?

You're off you're rocker NO WAY!
0
No votes
Might be a good idea but I don't know how to do it.
3
100%
It is a good idea and I plan to help out.
0
No votes
 
Total votes: 3

Message
Author
User avatar
cb88
Posts: 1165
Joined: Mon 29 Jan 2007, 03:12
Location: USA
Contact:

TSce 3.3ce-session manager? optionally not run as root

#1 Post by cb88 »

Should be in logout/shutdown menu

Should pop up a gtkdialog asking if you want to switch to enhanced security mode

Should offer to make it the default configuration with a checkbox

should allow to enter a username and password if it has not been set

It should also run a check to make sure that the firewall is running

The reson I suggest this is because many puppy linux installations are being installed by non-technical people and if someone hacks into their computer and messes it up their pupsave could be ruined

I have no idea how to run puppy as non-root but graphpup already does so maybe Nathan can give use a hand
Taking Puppy Linux to the limit of perfection. meanwhile try "puppy pfix=duct_tape" kernel parem eater.
X86: Sager NP6110 3630QM 16GB ram, Tyan Thunder 2 2x 300Mhz
Sun: SS2 , LX , SS5 , SS10 , SS20 ,Ultra 1, Ultra 10 , T2000
Mac: Platinum Plus, SE/30

User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#2 Post by ecomoney »

I confess Im not familiar with the user controls with other linux's, but from the amount of virused up windows boxes that we get through the community centre then I can safely say puppy is far more secure than 98% of the computers out there, even running as root. I understand the read only nature of the pup_xxx.sfs file makes hacking puppy a lot more difficult?
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#3 Post by Pizzasgood »

Not so much as it makes cleaning up very easy. Unless the hacker messes with the actual harddrive, you're pup_xxx.sfs file will still be there, containing the unmodified original files. Any modified files are only modified in the save file. If you mount it from a pfix=ram session, you can delete any changed files (or the relevant .wh_ file for removed files), then reboot and the original version in the pup_xxx.sfs file should be used.

Worst case scenario is you rename the save file and start over, then mount it and just grab any data that was important to you.

This easy cleanup system is one of the reasons I like Frugal so much more than Full. It's also much simpler to back up by just making a copy of the save file, than having to worry about individual directories and stuff.


Even if a hacker did mess with the outside harddrive, he can't really modify the pup_xxx.sfs file. He could corrupt it, delete it, or replace it with another. But since it's an entire compressed filesystem, direct editing would be an extremely difficult task. Not impossible, but so difficult that if somebody with the ability to do it gets into your system you're gonna be so screwed up anyway that it doesn't even matter anymore.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
Billwho?
Posts: 559
Joined: Tue 06 Dec 2005, 09:28
Location: still "In The Dog House" East Coast Oz
Trialing 4.20

#4 Post by Billwho? »

While I would probably not use this feature myself (because I run from a live CD). I can see where it would be a good idea in a Full hard drive install.
Linux = Learning through doing :shock: :? :D
The learning curve may be steep but there is a light at the end of the tunnel.
You just have to pass the occasional oncoming train to get there.

Michalis
Posts: 237
Joined: Tue 08 Jan 2008, 14:50
Location: Greece

#5 Post by Michalis »

For me it's a great idea, accually i hate that i have to run as root.

I disagree with the way you want to implement it. Firstly it should ask in the begging (log-in) whether someone would like to run as user or root and ask name and password. Secondly I 100% desagree upon checking if the firewall is running. I'm not using software firewall and I don't want to because I am using router's nat and firewall (less memory, cpu usage :D ).

I want to see this feature but I can't help on implemeting it (unable to code either compile :oops: ), so also I can't deside what to vote, I'm between 2&3, mostly 3.

Post Reply