Hi, I’ve been fiddling with PopOS the past year on an old laptop and I like it. I’m getting ready to convert my windows 10 desktop to Pop and leave windows behind entirely, before I do I want to be sure I understand a few security concepts.
I’ve read suggestions that say don’t run as root, create a separate user account and only use root when necessary. Do you give that user account sudo privileges? If so, is that any different from just being root?
Also I’ve installed the ufw firewall but left it with default settings. Is that something I need to look into more?
Thanks in advance!
If so, is that any different from just being root?
In security terms it’s slightly different, in that if an attacker gains access to your account they would have to do a small amount of trivial work to gain root. But yeah it makes no real difference to security. Cargo cultists would object to this but they don’t know what they’re talking about:
- https://xkcd.com/1200/
- Local privilege escalation bugs are very common in Linux.
- You don’t even need that - it’s trivial to MitM
sudo.
I think the real reason to use a normal user account and give it sudo privileges is that it prevents you accidentally hosing your system. You can’t accidentally
rm -rf /.Another reason you might not want to do it is that a fair amount of software will get pissy with you if you run it as root and tell you not to.
First off
sudostands for “super user do” i.e “do something as the super user”. The super user is root.sudo --shellstarts a shell with super user / root privileges.sudo someCommandrunssomeCommandwith super user privileges.In windows, for a really long time, your user had admin rights. When windows Vista came along, Microsoft had finally understood that that was a pretty bad idea and copied linux (or unix? whatever). That popup you get when installing stuff asking you for admin access? That’s a form of
sudo someCommandwith an interface built on top. You’ll get to see that in linux desktop environments too for example when you want to install new packages or update your system.The reason why it’s a bad idea to always have admin access without a password, is that if you are ever infected or you forget your computer unlock, somebody can’t just install something at system level. It’s a small hurdle, but every little bit counts. It also allows you to separate users between those that do have the right to login as the root user and those that don’t.
Users without super user access are quite common as an additional form of security because if they are infested or a process being run by them is, then it’s more difficult for them to infect other users. For example if you have a user called
chatserverthat runs theircd(IRC daemon) process, if your daemon (aka service) is hacked, the most damage they should be able to do is extract the data thechatserveruser has access to. They won’t be able to access your userdata as it’s stored in/home/yourusername, which can only be accessed by theyourusernameuser and theyourusernamegroup (plus ofcourseroot).It’s not a 100% fault-proof system, but it’s better than stepping into your house and having access to the master bedroom and your safe without having the key to it.