Root account

Root account

Post by Phil DeBecke » Thu, 22 Oct 1998 04:00:00





> > As far as i know there is No danger except someone else comes into the room
> > hits you with something
> > in de head makes you passout and takes over the terminal

> > >Hello,

> > >I've been told time and time again that it isn't good to be logged in as
> > >"root" for long periods. The implication is that there's a potential
> > >security breach, but no one comes out and says this.

> > >So now I'm curious. What is risky about being logged in as root? Is it
> > >simply the danger that someone might walk up to an unoccupied terminal?
> > >Or can something else happen?
> >[...]
> A *very* long time ago there seemed to be a risk with having a root
> login caused by ANSI display code implementations... there were (are?)
> sequences that allow to remap keys. So if you're logged on as root, and
> have your terminal open so somebody can use write(1) or alike to write
> online messages to you, your keyboard could be remapped in a way that
> the next time you hit enter, strange things might happen (remap enter to
> ";cd /;rm -rf * <enter>" would be one of the less friendly
> possibilities).

Much more likely, and the real reason everyone recommends not being logged in as
root for normal use, is that the consequences of simple typos can be
devastating.  If, as root, you mistype "rm -rf / tmp/foo" for "rm -rf /tmp/foo",
you've just hosed yourself completely.  As a normal user you'd just get an error
message.

Phil