Is non-root for *only* the ppp console safe?

[no.to...@gmail.com]

it's impossible to manage a changing environment other than in root.
What I normally do is login as non-root [only because kde-3 behaves
better than in root], then I open about 6 super-user terminals in each
of 4 desktops. One of these 'root-terminals' is used for my dial-up ppp.

Q1. if I used a non-root terminal only for my internet connection,
would I be removing the 'root operation danger' ?

Q2. Since I don't 'serve' would a hacker be able to get access to my
files during the short time that I'm on-line via dialup fetching ?
And if so, by what mechanism/algorithm ?

== TIA.

[david]

On Fri, 18 Dec 2009 10:16:27 +0000, no.top.post rearranged some electrons
to say:

> it's impossible to manage a changing environment other than in root.

No, it's not.

[unruh]

On 2009-12-18, no.to...@gmail.com <no.to...@gmail.com> wrote:
> it's impossible to manage a changing environment other than in root.
> What I normally do is login as non-root [only because kde-3 behaves
> better than in root], then I open about 6 super-user terminals in each
> of 4 desktops. One of these 'root-terminals' is used for my dial-up ppp.

????? Why in the world do you open 24 root terminals? Sheesh, you are
just asking for trouble. When yo uneed to be root, open a terminal and
close it again when you cease to need it. Otherwise you will one day
type in rm -r * in your root terminal rathr than in that user terminal
you thought you were in.

>
> Q1. if I used a non-root terminal only for my internet connection,
> would I be removing the 'root operation danger' ?

Not remove but lessen.

>
> Q2. Since I don't 'serve' would a hacker be able to get access to my
> files during the short time that I'm on-line via dialup fetching ?
> And if so, by what mechanism/algorithm ?

Who knows. But yes, it opens a window for them to get at you.

>
>== TIA.
>
>

[pk]

no.to...@gmail.com wrote:

>[nonsense]

You have no idea what you're talking about, and not only regarding ppp.

[no.to...@gmail.com]

In article <slrnhing6l...@wormhole.physics.ubc.ca>, unruh <un...@wormhole.physics.ubc.ca> wrote:

> On 2009-12-18, no.to...@gmail.com <no.to...@gmail.com> wrote:
> > it's impossible to manage a changing environment other than in root.
> > What I normally do is login as non-root [only because kde-3 behaves
> > better than in root], then I open about 6 super-user terminals in each
> > of 4 desktops. One of these 'root-terminals' is used for my dial-up ppp.
>
> ????? Why in the world do you open 24 root terminals? Sheesh, you are
> just asking for trouble. When yo uneed to be root, open a terminal and
> close it again when you cease to need it. Otherwise you will one day
> type in rm -r * in your root terminal rathr than in that user terminal
> you thought you were in.
>

No, if you had a workshop with an infinte-extendable work-bench
where you fixed electronic equipment, you'd allocate a 'VT' to each
project, like this project is to find out about inet non-root-hack-danger.
Typically each project needs the paper-schematics & spare parts
& tools and while you're waiting for that part fom Japan, you can't
just CLOSE the 'VT". So you open the next 'virtual work bench' for
the next job, which is running in parallel. Some thought will tell
you that you will have several 'VTs' open simultaneously for
jobs which are not yet complete. If your jobs are computer jobs,
then you can just clone the tools. I allocate major jobs to their own
dir/tree and use 'fetchers', instead of having the fetcher, eg. a
monster browser as the center. Here's my current 'troop of mc/s'
with the dir which each is working on:--
1, 3,2 = /mnt/cdrom/Inet/mgTmp
1, 3,3 = /mnt/cdrom/Debug/DebLenny/CD.DVDw
1, 3,4 = /mnt/cdrom/Debug/DebLenny/CD.DVDw
3, 2,1 = /mnt/cdrom/Debug/ProcesCntrl
3, 2,5 = /home/eas/cronScripts
1, 3,10 = /mnt/cdrom/Debug/mc-Cooledit
1, 3,5 = /mnt/Fed14/home/Debug/DVDw
a, 4,1 = /mnt/cdrom/Legal/TLC/PdVblog
a, 4,2 = /mnt/cdrom/Legal/TLC/PdVblog
a, 4,3 = /mnt/cdrom/Legal/TLC/PdVblog
a, 4,4 = /mnt/cdrom/Medical/Vision
3, 2,2 = /mnt/cdrom/WritingStyle
3, 2,4 = /mnt/cdrom/Debug/mc-Cooledit
4, 5,1 = /usr/lib/mc
2, 1,1 = /tmp
1, 3,9 = /mnt/cdrom/Inet
4, 5,5 = /home/eas/cronScripts
b, 6,3 = /mnt/cdrom/Debug/ProcesCntrl/TstDir2
4, 5,3 = /etc
b, 6,1 = /mnt/cdrom/Debug/ProcesCntrl/TstDir2
b, 6,2 = /mnt/cdrom/Debug/ProcesCntrl/TstDir2
b, 6,5 = /etc
1, 3,6 = /mnt/cdrom/Debug/ProcesCntrl/TstDir2
b, 6,4 = /usr/local/bin
4, 5,2 = /home
--> | 3 | 1 | 2 | 4 |a |, --> | 2 | 3 | 1 | 5 |4
a=2a; b=3a
---------------------------
So when info arrives for the 'PdVblog' project which I initiated
last week, I can see which desktops, VTs are already opened
on 'PdVblog'. Many of the VTs have text files open with mans
or notes being edited. You don't want to open a man 6 times,
when you can LEAVE it open and allocate it to its own VT.
A typical project requires 2 mans, 1 notes, email, News, lynx-goog,
all open at the same time. Since linux can't conveniently display
6 files together on the screen, like ETH oberon, I use one mc per
VT. In the physical world you have the waste due to physical
constraints, that you have to travel to work and back, and you
have to repeatedly refile the same papers and wash the dishes
after use. But in the computerised world, you just
clone-a-new-one.

> >
> > Q1. if I used a non-root terminal only for my internet connection,
> > would I be removing the 'root operation danger' ?
>
> Not remove but lessen.
>
> >
> > Q2. Since I don't 'serve' would a hacker be able to get access to my
> > files during the short time that I'm on-line via dialup fetching ?
> > And if so, by what mechanism/algorithm ?
>
> Who knows. But yes, it opens a window for them to get at you.
>

You don't actually know?
You just follow the crowd ?

[david]

On Sat, 19 Dec 2009 07:06:26 +0000, no.top.post rearranged some electrons
to say:

>

> No, if you had a workshop with an infinte-extendable work-bench where
> you fixed electronic equipment, you'd allocate a 'VT' to each project,
> like this project is to find out about inet non-root-hack-danger.
> Typically each project needs the paper-schematics & spare parts & tools
> and while you're waiting for that part fom Japan, you can't just CLOSE
> the 'VT". So you open the next 'virtual work bench' for the next job,

WTF are you talking about?

[Michael Black]

On Fri, 18 Dec 2009, no.to...@gmail.com wrote:

> it's impossible to manage a changing environment other than in root.
> What I normally do is login as non-root [only because kde-3 behaves
> better than in root], then I open about 6 super-user terminals in each
> of 4 desktops. One of these 'root-terminals' is used for my dial-up ppp.
>

Fix things so you can do the dial-up from the user account.

Likewise, if you "think" you need a root account to do lots of things,
chances are good that you simply haven't put in the work to get things
working as non-root.

Time and time again, people come up with all kinds of silly solutions
when if they just fixed things to run as root, they wouldn't need the
silly solutions.

Michael

[unruh]

None of which require root.

> when you can LEAVE it open and allocate it to its own VT.
> A typical project requires 2 mans, 1 notes, email, News, lynx-goog,

None of which require root.
The issue was not whether or not you should have 24 terminals open-- how
messy you keep your desktop is your concern. The question was root.
And nothing you have said so far requires root.

Note -- you do know that you can have more than 4 desktops. So you could
set up with 24 desktops and have 144 terminal windows open?

Of course your system might start to crawl.