Multiuser Puppy 4.2.1

For talk and support relating specifically to Puppy derivatives
Message
Author
User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

Re: Mirror for R3 now up too..

#61 Post by Pizzasgood »

Cool, thanks.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
pri
Posts: 342
Joined: Fri 09 Oct 2009, 18:31
Location: Bandung Indonesia
Contact:

#62 Post by pri »

i think, who was should be automatic login is user. and i think for puppy user is no need tobe login but always automaticaly login as user. if there is need to modify, ading or insert aplicatin on puppy, root is needed.

being automaticaly login as root can cause forget seting automaticaly login and another user mybe will damage your computer.

:oops: my be there is my opinion for playing with multiuser puppy
Learning by Doing

User avatar
technowomble
Posts: 74
Joined: Thu 11 Oct 2007, 17:04
Location: West Gloucestershire, UK

Multi-user and Pwireless2

#63 Post by technowomble »

Pizzasgood,
I tried Multi-user on my laptop and was impressed, the only reason I had to drop it was wireless, but I've since tried jermimah's Pwireless2, in a standard 4.2.1, and that does exactly what I want on the wireless front. I'm tempted to try combining Multi-user with Pwireless2 - for the added security of username/password protection for access - but I'm not sure on a couple of points. Pwireless2 puts up message banners when it autoconnects to a known network, and the wireless widget gives a comforting indication of signal strength, do you know if these will work in the user desktop? ( I appreciate that I'd need to log in as root to set up a new network profile. ) TIA

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#64 Post by Pizzasgood »

Displaying messages to the screen shouldn't be an issue. I would be more concerned about the code that does the autoconnecting, which probably needs to have root permissions.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
technowomble
Posts: 74
Joined: Thu 11 Oct 2007, 17:04
Location: West Gloucestershire, UK

#65 Post by technowomble »

You're right Pizzasgood, Pwireless2 only runs if the user is logged in as root. Possibly a developer looking to create a laptop puplet might be able to merge Pwireless2 and Multi-user, but it's beyond my abilities at the moment - I haven't written any code since some Basic back in the 1970's, so I'd be starting from scratch!

User avatar
dru5k1
Posts: 72
Joined: Mon 12 Apr 2010, 01:15

#66 Post by dru5k1 »

Pizzasgood :: thanx so much for a cool puplet!

I'm very happy with it so far

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#67 Post by nooby »

Pizzasgood, thanks indeed for all the work you have put into this.

As you know I am not savvy enough to even use a multi user distro. I ahve tried out Ubuntu since 2006 and failed and failed and failed and only the root Puppy has allowed me to be a Linux user.

But all kudos to you for showing it is possible to make a multi user Puppy.
I did download it in case me feel for trying it out.

How much safer are one if one use it?

What can happen if one are root. What can hackers do?
and what can hackers not do when one are a restricted user.

or is the multi user only protecting user damage and not hacker damage?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#68 Post by Pizzasgood »

Short answer: It doesn't make much difference if there is only one person using the machine. It can be very useful if there are more than one people using the machine (e.g. a computer you share with your family who don't know diddly about computers).

Multiuser is more about protecting a system and the users of the system from eachother, not from outsiders. It partitions things so that in general, problems (including being hacked) initiating with one user will not propagate to affect other users or the OS in general. If there is only one person actually using the machine, it doesn't accomplish a whole lot.


Long answer:


If there is only one real person using the system, running as a limited user mostly just protects you from yourself, and only partially at that. Reason: Your user account will presumably own most of your important personal data, therefor you have full permission to delete/corrupt it, even though you're not root. But if you tried to accidentally run "rm -rf /*" you would be stopped. On the other hand, if you ran "sudo rm -rf /*" you would not be stopped (though you may be asked for a password depending on how long it's been since the last time you entered your password for sudo).

If there were other people sharing the computer with you, then multiuser becomes more useful. It still doesn't stop people from deleting their own stuff, but it prevents them from accidentally messing up everybody else's stuff.


From a security-from-hackers point of view, using a limited user helps a little for a system with one user. It basically makes it harder for the hacker to get permission to really screw up the system. The idea is that they'd only have the permissions that you have, and therefor couldn't tamper with core system files and what not. But there are plenty of ways for them to attempt to elevate themselves to root-level privileges. For example, if they gained full shell access as your limited user, they would have permission to modify your ~/.bashrc file. They could add a function to that file named "sudo" that looks like the normal sudo, but catches your password and saves it. Then the next time you use sudo to do some administrative task, that function would be run instead, giving them your password. That would allow them to run sudo as well, letting them run commands as root.

They don't need root privileges to do nasty things though. What is their motivation in gaining access to your computer? Either to obtain information (account numbers, passwords, etc.) or to use your computer as a zombie. For gaining information, they don't need root, since your user account probably has access to all of your information. As for using your computer as a zombie, it depends on what kind of thing they want to do. If they're trying to send spam or crunch numbers (brute forcing people's passwords) or perform a DDOS attack, they can do that just fine as a limited user. The would only need root access if they wanted to run a server using a low port number (like 80), and there isn't much need for doing that.


On a system with multiple real users, multiuser does help a little bit more. The hacker would only gain access to the data that belongs to the person he hacked. He would still be able to do zombie activities when that user is using the machine. But he wouldn't be able to see other people's data. Unless, of course, he manages to break into their accounts as well, or elevates his privileges to root.


Note that in no way does running a multiuser system make it harder to get into the system in the first place. It only potentially slows them down once they get in.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#69 Post by nooby »

Thanks for the well thought out answer. We had a thread with a new user who wanted multi user puppy so maybe he find this thread. In case he didn't knew he got a good insight in the pro et con of or for it.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
enhu
Posts: 302
Joined: Wed 27 May 2009, 02:13
Contact:

#70 Post by enhu »

doesnt seem to work. didn't prompt me to save an sfsfile

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#71 Post by Pizzasgood »

Not entirely sure what you mean. It should never prompt you to save an sfs file. Maybe you mean it didn't prompt you to save a save file? If so, what about Puppy 4.2.1? Does that also have that problem? If so it is a problem with Puppy 4.2.1 that needs to be solved independently of Multiuser Puppy so that all Puppy 4.2.1 (and derivative) users can benefit.

If it's unique to Multiuser Puppy, then I'll need more details - what partitions do you have, what filesystem types are they, what sizes, how did you boot Puppy, how did you shutdown, etc.

I haven't used this version in a long time. I wonder if maybe you tried to reboot as a limited user. Off the top of my head, maybe you need to do the first reboot as root so that you can create the save file, and then after that you could reboot as a normal user (assuming you are in the "power" group or whatever it was named). But like I said, this is off the top of my head without reviewing how everything worked.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
enhu
Posts: 302
Joined: Wed 27 May 2009, 02:13
Contact:

#72 Post by enhu »

at first i tried the puppy-4.2.1-MULTIUSER.iso, get thier initrd.gz, vmlinuz and the pup421.sfs in the /sda3. it boot good so i bookmarked some pages of this forum and then reboot. it then says
puppy shutting down...
session not saved....

so once again i tried the puppy-4.2.1-MULTIUSER-r3.iso and did the same thing... what did i miss doing?

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#73 Post by Pizzasgood »

I'll dig it out and try it tonight to see if I can replicate that error. Meanwhile, could you tell me precisely which method you used to shut down? Just in case that turns out to be significant.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
enhu
Posts: 302
Joined: Wed 27 May 2009, 02:13
Contact:

#74 Post by enhu »

shut it down like the normal way..
i click the menu then shut down.. it prompt a box with an options such as reboot, shut down...etc

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#75 Post by Pizzasgood »

Sorry for not doing this Saturday night like I had planned. Anyway, I tested today and it asked me to create a save file. I tried it booting from CD, booting from CD with the files on the harddrive, and booting a frugal install (which didn't have a save file yet). Every time it asked me if I wanted to save.

Do you also have this problem with the normal Puppy 4.2.1? Or does it only not work in Multiuser-Puppy?
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
enhu
Posts: 302
Joined: Wed 27 May 2009, 02:13
Contact:

#76 Post by enhu »

i'll try burning the iso. do i need to install those sPN.pets?
reply you later

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#77 Post by Pizzasgood »

If you install the r3 version of Multiuser Puppy, you don't need any of the sp packages.

If you install the r2 version of Multiuser Puppy, you need sp3.

If you install the r1 version of Multiuser Puppy, you need sp2 and then sp3.

If you install the original version of Multiuser Puppy, you need sp1, then sp2, then sp3.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

Pelo

Puppy 4.2.1 rock and roll is back again 2016.

#78 Post by Pelo »

Puppy 4.2.1 rock and roll is back again 2016.
Windows XP is tired, Laptops too.
But our old puppies can do it !
abiword 3.0.0 is Buggy , version 2.6.3 has no bug
Not necessary to set each session your keyboard fr as in UPUP !
wifi 67/100, but no works in Slacko 6.3
Seamonkey watch at You Tube videos,
Isn'it magick ? Merci Pizzagood ! :)
There is a Puppy with echinus included, that is not this one. In fact that is what i am looking for, to please Musher0
Attachments
halliday.jpg
(47.84 KiB) Downloaded 264 times

Post Reply