Wanna-Be Sys Admin <sysadmin at (no spam) example.com> writes:

The Doctor wrote:

Right I got a customer who is only running one account, namely root
and 1 app. I suspect this person is opening himself to trouble.

yes/no?

Depends, might be perfectly fine (and probably is). What's the
application running? Anyway, most of security issues revolve around
things other than root 99% of the time (but those 99% of things
usually end up being things done as root once exploited).

IF that system never ever ever is connected to the net in any way, via
modem or ethernet, or anything else, then this may well be fine. It is
still dangerous, since that account CAN run anything, on purpose or by
accident. It can also do immense damage (rm -r /) which a special
account could not.

In article <R0OIm.3739$gg6.1377 at (no spam) newsfe25.iad>,
Wanna-Be Sys Admin <sysadmin at (no spam) example.com> wrote:
The Doctor wrote:

Right I got a customer who is only running one account, namely root
and 1 app. I suspect this person is opening himself to trouble.

yes/no?

Depends, might be perfectly fine (and probably is). What's the
application running? Anyway, most of security issues revolve around
things other than root 99% of the time (but those 99% of things
usually end up being things done as root once exploited).
--
Not really a wanna-be, but I don't know everything.

And E-newsletter app.

I do think people get too antsy about security. By far and away the
greater risks are not from root kits, but from things like phishing and
so on. There are ten unguarded windows boxes for every one reasonbly
well guarded linux box. They are a much softer target. Id say that
running as root is an unnecessary risk, with almost no benefits, but its
not the worst thing you can do.

The Doctor wrote:

In article <R0OIm.3739$gg6.1377 at (no spam) newsfe25.iad>,
Wanna-Be Sys Admin <sysadmin at (no spam) example.com> wrote:
The Doctor wrote:

Right I got a customer who is only running one account, namely root
and 1 app. I suspect this person is opening himself to trouble.

yes/no?

Depends, might be perfectly fine (and probably is). What's the
application running? Anyway, most of security issues revolve around
things other than root 99% of the time (but those 99% of things
usually end up being things done as root once exploited).
--
Not really a wanna-be, but I don't know everything.

And E-newsletter app.

So, is that news letter app running as root? If so, should it be if you
can help it? If he can, he should run a non priv user account just for
that app.

--
Not really a wanna-be, but I don't know everything.

The Natural Philosopher wrote:

[putolin]

I do think people get too antsy about security. By far and away the
greater risks are not from root kits, but from things like phishing and
so on. There are ten unguarded windows boxes for every one reasonbly
well guarded linux box. They are a much softer target. Id say that
running as root is an unnecessary risk, with almost no benefits, but its
not the worst thing you can do.

The worst thing you could do is type rm -rf / or rm -rf .* while as root
account.

Baho Utot <baho-utot at (no spam) invalid.com> writes:

The Natural Philosopher wrote:

[putolin]

I do think people get too antsy about security. By far and away the
greater risks are not from root kits, but from things like phishing and
so on. There are ten unguarded windows boxes for every one reasonbly
well guarded linux box. They are a much softer target. Id say that
running as root is an unnecessary risk, with almost no benefits, but its
not the worst thing you can do.

The worst thing you could do is type rm -rf / or rm -rf .* while as root
account.

Nope. That just wipes you out. That is self limiting damage. Either you
no longer have a machine to play with or you learn not to do that.
Worse is subverting that machine to
attack other machines and to send spam and phishing attacks out to
others.

The Natural Philosopher wrote:

[putolin]

I do think people get too antsy about security. By far and away the
greater risks are not from root kits, but from things like phishing and
so on. There are ten unguarded windows boxes for every one reasonbly
well guarded linux box. They are a much softer target. Id say that
running as root is an unnecessary risk, with almost no benefits, but its
not the worst thing you can do.

The worst thing you could do is type rm -rf / or rm -rf .* while as root
account.

No, the worst thing you could do is do that and then don't learn from it.

And verily, didst Maxwell Lol <nospam at (no spam) com.invalid> hastily babble thusly:
And then someone can walk up to a dedicated application, and with the
mouse save a file that overwrites a file like /etc/passwd -
/etc/shadow, and thereby deleting the password. Or they can trash the
system by overwriting some critical file.

Even the kernel itself.

Youy can configure IIRC a no password user login, and put that user in
the root group so privileges needed for admin are granted
automatically, and still run as an unprivileged user..

Sounds like a very bad idea to me to perenantly grant IIRC privileges
this way.. a Setgid mechanism, which drops these privilegdes once the
network channels are established would be better.

well its not secure from the keyboard, but it is secure from
perversion of user processes.

I assumed that was indeed the case, yes.

There is no need to grant privileges beyond necessity.


To paraphrase Occam

In article <R0OIm.3739$gg6.1377 at (no spam) newsfe25.iad>,
Wanna-Be Sys Admin <sysadmin at (no spam) example.com> wrote:
The Doctor wrote:

Right I got a customer who is only running one account, namely root
and 1 app. I suspect this person is opening himself to trouble.

yes/no?

Depends, might be perfectly fine (and probably is). What's the
application running? Anyway, most of security issues revolve around
things other than root 99% of the time (but those 99% of things usually
end up being things done as root once exploited).
--
Not really a wanna-be, but I don't know everything.

And E-newsletter app.

The Natural Philosopher <tnp at (no spam) invalid.invalid> writes:

Youy can configure IIRC a no password user login, and put that user in
the root group so privileges needed for admin are granted
automatically, and still run as an unprivileged user..

Sounds like a very bad idea to me to perenantly grant IIRC privileges
this way.. a Setgid mechanism, which drops these privilegdes once the
network channels are established would be better.

well its not secure from the keyboard, but it is secure from
perversion of user processes.

What is the PID and GID of the IRC process? If the GID grants that
process to modify a system file, then a buffer overflow in the IRC
daemon can grant an attacker full access to your computer.

IRC=Internet Relay Chat

Wanna-Be Sys Admin <sysadmin at (no spam) example.com> writes:

The Doctor wrote:

In article <R0OIm.3739$gg6.1377 at (no spam) newsfe25.iad>,
Wanna-Be Sys Admin <sysadmin at (no spam) example.com> wrote:
The Doctor wrote:

Right I got a customer who is only running one account, namely
root
and 1 app. I suspect this person is opening himself to trouble.

yes/no?

Depends, might be perfectly fine (and probably is). What's the
application running? Anyway, most of security issues revolve around
things other than root 99% of the time (but those 99% of things
usually end up being things done as root once exploited).
--
Not really a wanna-be, but I don't know everything.

And E-newsletter app.

So, is that news letter app running as root? If so, should it be if
you
can help it? If he can, he should run a non priv user account just
for that app.

Sounds like it is worse than that. Most E-newletters are associated
with networking to the outside world (otherwise that E is probably
misplaced). But if you are connecte d to the outside world, having
your user run as root, becomes much more dangerous. Next the OP will
be telling us that that root account also has no password, because the
user cannot be bothered to remember a difficult password. At which
point that system is certain to be exploited, causing problems for
that system, and more likely for everyone else on the net as it gets
used as a spam bot and as a source for attacks on others.

--
Not really a wanna-be, but I don't know everything.