christophe barbé on Mon, 1 Jul 2002 15:50:11 +0200

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] log as root or not ?

On Mon, Jul 01, 2002 at 09:05:15AM -0400, Jesse P Schultz wrote:
> Hash: SHA1
> christophe barbé wrote:
> | My question is : Is there a good reason to avoid log in as root
> | directly when using a secured channel ?
> Yes.
> Occassionally, we all get stupid.  Whe you are root, stupid can really
> screw up the system.  If you always log in as a normal user, then su to
> root, it helps you to not forget roots power.

You should reread the thread from the beginning and I should have be
more precise when reformulating my question by adding :

   "when doing root stuff."

Is it a myth that it is bad to log as root and instead better to log as
a normal user and then su to root, when using a secured channel (ssh)
when doing root stuff ?

It seems to me that the answer is yes. and gabriel give me some good
arguments and so far I have read no good argument for the oposite.


> Also, if you are interacting with the internet as root, via a browser or
> ~ email client, then a malicious site or email which you read or visit
> can  do damage as root.  The biggist advantage of Linux/unix when using
> the internet is the ability to safely do this as not root.
> Even if you only have one system which you use as a work station, when
> you transition to root, you put on your admin hat, you are not just a
> user, you are the great and terrible admin and must have respect for
> your own power.
> This, of course, applys to both local and remote.
> Version: GnuPG v1.0.7-nullify-r3 (Windows 98)
> Comment: Using GnuPG with Mozilla -
> i4u8a//L3UiBWGkk3xGfqJs=
> =oP92
> ______________________________________________________________________
> Philadelphia Linux Users Group       -
> Announcements-
> General Discussion  -

Christophe Barbé <>
GnuPG FingerPrint: E0F6 FADF 2A5C F072 6AF8  F67A 8F45 2F1E D72C B41E

Cats seem go on the principle that it never does any harm to ask for
what you want. --Joseph Wood Krutch

Attachment: pgpnjs2lNkUlN.pgp
Description: PGP signature