[ale] Root vs Normal User

ChangingLINKS.com groups at ChangingLINKS.com
Tue May 24 11:43:24 EDT 2005


On Tuesday May 24 2005 08:12, Christopher Fowler wrote:
> Running root does not kill the box.  The person running as root will.

You are correct. Read those two sentences over again several times.

In MY case, I would have to become root a lot to do things. I would type su - 
and the pass. I began to see this as "extra work" and would try to "get 
through it" by typing more quickly. That resulted in more typos AS root - and 
I lost my box AFTER the su -.

I chose to handle this problem in several ways:
1. I dramatically improved my data recovery and storage method.
2. I designed my system so that occasional fumble fingers were a non-issue.
3. I increased security features many times over to protect my system.
4. I removed as many programs from my operating system as possible.
5. I began to do a much better job of auditing the software that I added.
6. I changed my behavior so that I always log in as root.

Since then, I have not had a single problem with the fumble fingers. I have 
not made mistakes. I understand that eventually I COULD - but I also 
understand that I have set up the box to easily recover from such a scenerio.

Recovery is NOT a "good enough" solution for others on this list, but it IS 
good enough for THIS user - and it's MY box. Linux allows for the freedom for 
people to run their systems how they like. We should honor that - rather than 
trying to make "everything the same" like M$.

Speaking of M$, your post says:
"A UNIX box does not assume the user is an idiot like Windows."
(It implies M$ is "better" :) )       I disagree. From my perception: 
"A poorly configured Linux system does not assume the user is an idiot"
Humans make mistakes sometimes - regardless of whether or not they sudo.


I've gone out of my way to prove that my system 
 . is AS secure (or more secure) than other boxes run on this list. 
 My box may not be the MOST secure, but I litterally BET 
 that it is far from the least secure.

 . protects my box from me as well as (or better) than "your" box.

I am solely defending the idea that running as root CAN be "OK" with Linux.
My position is clear, concise, set in the present time, using ME as a case 
study and is set HERE on my box. I am not the hypothetical "whole world" in 
the "future" nor shall I allow my boxes to harm the same. Moreover, I am not 
looking for "acceptance" or trying to convince others to "do it my way." I 
hope I have done a good enough job communicating my position.

     My position rests here. 
-- 
Wishing you Happiness, Joy, and Laughter,
Drew Brown
http://www.ChangingLINKS.com



More information about the Ale mailing list