1 |
On Wednesday 25 June 2003 17:21, Stroller wrote: |
2 |
> Yeah, I was really quite astonished by the previous message in respect to |
3 |
> my email address. I don't really know yet how to react to it, which is why |
4 |
> I haven't changed my addy. |
5 |
|
6 |
Sorry about that, sir. :) |
7 |
|
8 |
> I was initially quite offended that someone had mailed me to advise me "not |
9 |
> to read mail as root" - I felt quite patronised. Do people really do |
10 |
> that..? |
11 |
|
12 |
Again, I am sorry for patronising you. However, as a fellow Linux sysadmin, I |
13 |
feel that it is almost my obligation to inform others of their practices that |
14 |
I believe to be insecure. :) |
15 |
|
16 |
> If there really are folks out there reading mail from their root account (I |
17 |
> mean, _is this possible?_), surely we need to be educating them better..? |
18 |
|
19 |
Indeed. When users come into #gentoo or such with the ident of root, I |
20 |
promptly inform them that IRCing as root is hardly wise (even less so than |
21 |
[reading|sending] one's mail as root ;)). I know that #debian has *!root@* |
22 |
banned in their channel -- but I am not suggesting we emulate their channel |
23 |
ethics heh. |
24 |
|
25 |
> Maybe the NEED for a regular user should be spelled out more explicitly in |
26 |
> the Gentoo installation documents. I see now that the subject is rather |
27 |
> brushed over by a single line containing a link the the FAQ & the question |
28 |
> "Everyone seems to think that i shouldn't be using root for everyday use, |
29 |
> how can i add another user?" |
30 |
> |
31 |
> Maybe superadduser should be part of the base stages installation..? |
32 |
> Instructions to `superadduser yournamehere` could be placed right before |
33 |
> the setting-root-password section of the installation guide; the root |
34 |
> password section could contain the explanation: |
35 |
> "the root password is used in conjunction with the `su` command when you |
36 |
> need to perform administrative tasks on your Gentoo box". |
37 |
|
38 |
I do believe that the installation docs suggest that users create a normal |
39 |
user account and conduct all web-related activities (besides fetching |
40 |
distfiles, logically) such as irssi through this user. |
41 |
|
42 |
> Since completion of a stage-3 install is intended to provide a complete, if |
43 |
> minimal, Gentoo-Linux installation, ISTM that adding a non-root user is |
44 |
> perhaps an essential, rather than an optional, part of the process. |
45 |
|
46 |
This is entirely correct. When I first started using Linux (I was ~7 then and |
47 |
I began with Slack 7.1, so I am not too old now, either ;)), I figured: "Hey, |
48 |
why not use the root account for doing everything?" My Windows-user mindset |
49 |
of it's-okay-to-use-the-Administrator-account-for-everything had mislead me |
50 |
to think the same of Linux. OT, but the only operating system that has |
51 |
touched any box that I own has been Linux for the last ~8 months. |
52 |
|
53 |
> The root address was originally a joke. Like on those "I've got root" |
54 |
> t-shirts at the GeekStore. When my ISP asked me what |
55 |
> address@×××××××××××××××××××.uk I wanted, of course "root" was a cool |
56 |
> choice. I see Spider is associated with a similar organisation. |
57 |
|
58 |
I see no problem with this as I explain further below. |
59 |
|
60 |
> So I don't know yet whether I'll be changing my address or not. I mean: I |
61 |
> like it. Why should I change it, just because it confounds people..? |
62 |
|
63 |
If you are merely logging into an account provided to your by your ISP, then I |
64 |
see no problem with using the username "root." I was under the misimpression |
65 |
that you were using your own mail server and using the root account to send |
66 |
emails. The latter is what I was discouraging against, not the former. |
67 |
|
68 |
Regards |
69 |
|
70 |
P.S., Sorry for emailing you twice about this thread, Stroller. |
71 |
-- |
72 |
Zack Gilburd |
73 |
http://tehunlose.com |