Linked by Thom Holwerda on Wed 31st Mar 2010 14:41 UTC
Windows As geeks, we're well aware of the importance of running as a normal user instead of as root (UNIX/Linux/BSD) or administrator (Windows). However, while this should be common knowledge to anyone reading OSNews, it's often hard to illustrate just how important it is - until now, that is. A report by BeyondTrust looked at how many security bulletins issused by Microsoft are mitigated by simply... Not running as administrator.
Thread beginning with comment 416240
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Not entirely...
by TemporalBeing on Wed 31st Mar 2010 17:08 UTC in reply to "RE[2]: Not entirely..."
TemporalBeing
Member since:
2007-08-22

He/she probably means distros like Slackware, Gentoo and ArchLinux which require the user to make a user account manually, since by default they use is root.


That is absolutely WRONG.

While I haven't run ArchLinux, neither Slackware nor Gentoo require you to run as the root user by default. Anyone that does is out of their mind. Both communities suggest using su/sudo (just like every other distro) for doing admin stuff.

Reply Parent Score: 2

RE[4]: Not entirely...
by SlackerJack on Wed 31st Mar 2010 17:15 in reply to "RE[3]: Not entirely..."
SlackerJack Member since:
2005-11-12

Well, when you're dropped to the command line after installation, you then login as root and create a user account. Until then, it's root access only.

BTW. I've seen many users come into the IRC's distros' channel as root, because they didn't create a user account.

Edited 2010-03-31 17:21 UTC

Reply Parent Score: 2

RE[5]: Not entirely...
by monodeldiablo on Wed 31st Mar 2010 17:20 in reply to "RE[4]: Not entirely..."
monodeldiablo Member since:
2005-07-06

While technically correct, all of the documentation and prompts strongly encourage the administrator to add a user as their first task.

Furthermore, what user without a deep knowledge of Linux is doing a manual install of a power-user distro? This is just a tangent, since Arch/Slackware/Gentoo make up a sliver of the Linux user base and are invisible to the casual audience...

Reply Parent Score: 2

RE[4]: Not entirely...
by lemur2 on Thu 1st Apr 2010 02:59 in reply to "RE[3]: Not entirely..."
lemur2 Member since:
2007-02-17

While I haven't run ArchLinux, neither Slackware nor Gentoo require you to run as the root user by default. Anyone that does is out of their mind. Both communities suggest using su/sudo (just like every other distro) for doing admin stuff.


The Arch Linux installer LiveCD runs as root.

The Arch Linux install howto explains how to set up and configure a system (mostly using the nano editor for system configuration text files) and how to create (a) user account(s). One then re-boots, removes the LiveCD, and runs as a normal user from then on.

Reply Parent Score: 2

RE[5]: Not entirely...
by TemporalBeing on Thu 1st Apr 2010 13:09 in reply to "RE[4]: Not entirely..."
TemporalBeing Member since:
2007-08-22

"While I haven't run ArchLinux, neither Slackware nor Gentoo require you to run as the root user by default. Anyone that does is out of their mind. Both communities suggest using su/sudo (just like every other distro) for doing admin stuff.


The Arch Linux installer LiveCD runs as root.
"

All installer CD's run as root as there are no users. Some (like Gentoo's LiveCD's) randomize the root password on boot for security (so you can run SSH), but still login as root.

That is the nature of installation media.

LiveCD's typically run as root, but you can add users to them before you burn the CD/DVD so you don't have to. But again, that's typical because a LiveCD is usually a recovery disk or installation media where root permissions are required for the primary tasks of system maintenance.

But LiveCD's and Installation Media are not examples of normal UNIX/Linux user configurations. (And I never said that Microsoft should make the Windows Installation programs run as a normal user, that would be very problematic for any operating system installation system.)

Reply Parent Score: 2