The most sought-after account on your machine is the root (superuser) account. This account has authority over the entire machine, which may also include authority over other machines on the network. Remember that you should only use the root account for very short, specific tasks, and should mostly run as a normal user. Even small mistakes made while logged in as the root user can cause problems. The less time you spend with root privileges, the safer you will be.
Several tricks to avoid messing up your own box as root:
- rm foo*.bak, first do ls foo*.bak and make sure you are going to delete the files you think you are. Using echo in place of destructive commands also sometimes works.
- rm command to ask for confirmation for deletion of files.
- PATH environment variable) specifies the directories in which the shell searches for programs. Try to limit the command path for the root user as much as possible, and never include . (which means "the current directory") in your PATH. Additionally, never have writable directories in your search path, as this can allow attackers to modify or place new binaries in your search path, allowing them to run as root the next time you run that command.
- .rhosts file for root.
- The /etc/securetty file contains a list of terminals that root can log in from. By default (on Red Hat Linux) this is set to only the local virtual consoles (vtys). Be very wary of adding anything else to this file. You should be able to log in remotely as your regular user account and then su if you need to (hopefully over ssh or other encrypted channel), so there is no need to be able to log in directly as root.
If you absolutely positively need to allow someone (hopefully very
trusted) to have root access to your machine, there are a few
tools that can help. sudo allows users to use their password to access a limited set of commands as root. This would allow you to, for instance, let a user be able to eject and mount removable media on your Linux box, but have no other root privileges. sudo also keeps a log of all successful and unsuccessful sudo attempts, allowing you to track down who used what command to do what. For this reason sudo works well even in places where a number of people have root access, because it helps you keep track of changes made.
Although sudo can be used to give specific users specific privileges for specific tasks, it does have several shortcomings. It should be used only for a limited set of tasks, like restarting a server, or adding new users. Any program that offers a shell escape will give root access to a user invoking it via sudo. This includes most editors, for example. Also, a program as innocuous as /bin/cat can be used to overwrite files, which could allow root to be exploited. Consider sudo as a means for accountability, and don't expect it to replace the root user and still be secure.
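The PATH advice above, as an added example that is not part of the original text: a POSIX shell function that flags empty, relative and group- or world-writable entries in a search path. The function name audit_path and the sample path at the end are constructed for illustration; the check looks at permission bits only, not at directory ownership.

```shell
#!/bin/sh
# audit_path SEARCH_PATH   (hypothetical helper, not a standard tool)
# Prints one line per risky entry in a colon-separated search path.
# Returns 0 when nothing is flagged, 1 otherwise.
audit_path() {
    rest=$1:              # trailing colon so the loop also sees the last entry
    flagged=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}   # next entry
        rest=${rest#*:}   # remainder after the first colon
        if [ -z "$dir" ]; then
            # A leading, trailing or doubled colon is an empty entry,
            # which the shell searches as the current directory.
            echo "empty entry (searched as the current directory)"
            flagged=1
            continue
        fi
        case $dir in
            /*) ;;
            *)  # "." and any other relative entry depend on where you are
                echo "$dir: relative entry"
                flagged=1
                continue ;;
        esac
        [ -d "$dir" ] || continue   # nothing to inspect
        # -H follows a symlinked entry such as /bin -> usr/bin; -prune
        # keeps find from descending into the directory.
        if [ -n "$(find -H "$dir" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "$dir: group- or world-writable"
            flagged=1
        fi
    done
    return "$flagged"
}

# Constructed sample path; in a root shell you would run: audit_path "$PATH"
audit_path "/usr/sbin:/usr/bin:.:/tmp:" || true
```
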