[LBo] Passwords & Paranoia

Lynn Gallup lgallup at mn.rr.com
Thu Jun 22 14:19:08 CEST 2006


I have to agree with Brian on the value of password protection for root 
operations. His comment caused me, though, to wonder exactly what it is with 
the root password implementation in Linux which is so irritating.

I think it is because Linux automatically returns me to ordinary user status 
upon exiting the CLI interface for whatever root operation I was doing thus 
making it necessary to use the password for any following root operation.

Generally speaking I prefer an operating system to be passively protective 
instead of actively protective. For example, when I close from a root 
operation in terminal I would prefer a pop-up like: "You are in root status! 
Do you wish to remain so? Yes or No"
Lynn
-------------------------
> On Monday 12 June 2006 09:46 am, Brian Reichert wrote:
>> * Lynn Gallup <lgallup at mn.rr.com> [2006-06-12 07:45:49-0500]
>> <SNIP>
>>
>> > 4. New problem -
>> > Somehow I created two names and passwords for myself when I responded to
>> > a text-box page which I thought was referring to my user name and
>> > password for my ISP account. These two names and requests for password ID
>> > now appear on the Linux shut-down screen.
>> > Is there a way I can totally shut off all this user name & password
>> > business in Linux? (I occasionally get a message telling me I don't have
>> > "permission" to do something or a message requesting a password before I
>> > can do something - All of this is extremely irritating and was a factor
>> > in my decision to get off XP and onto Linux.)
>>
>> I've been staying quiet on all your problems Lynn mostly because I'm not
>> familiar with Suse and know nothing about Yast.  Being a Slackware guy kind
>> of limits me on how helpful I can be on this list sometimes because
>> Slackware is a little different than most.  You look to be in good hands
>> with the other issues but I thought I'd comment on this one.
>>
>> While you can do what you want with your system (and no one will hate you
>> for it or anything) I'd very strongly suggest to not seek to turn off
>> passwords.  The reason being is that the UNIX-way (to quote Stefan) is to
>> run as a regular unprivileged user most of the time and only change to root
>> (aka Administrator) when you absolutely have to.  This is a big part of
>> what makes Linux more secure than Windows where everyone usually runs as an
>> Administrator all the time, making it easy for viruses, spyware, and the
>> like to take hold.  If it's any indication on how important it is to run as
>> a regular user even Microsoft is finally changing their way of thinking and
>> going to have users run as users and not admins in the upcoming Windows
>> Vista.
>>
>> It can take a little getting used to having to switch to root from time to
>> time, but you'll get used to it.  The advantages are more than well worth
>> it. Besides, once you have everything configured you'll find switching to
>> root happening less and less.
>>
>> Now, as far as deleting the extra user account and anything else Suse
>> specific I'll leave you in much better hands than mine. ;)



