I don’t run as root because I’ve always been told I shouldn’t. I don’t know enough about anything to be contradicting stuff like this. It has always seemed weird to me that we don’t run as root and then just sudo everything, though.
A big part of it comes from the security model and Linux historically being a multi-user environment. root owns the root directory / which is where all of the system files live. A normal user just has access to their own home directory /home/username and read-only access to things the normal user needs like the /bin where programs are stored (hence /bin/bash in lots of bash scripts, it tells the script what program to run the script from).
Because of this model, a normal user can only mess up their own files, while root can mess up everyone’s files and of course make the system non-bootable. But also you can have user Bob signed in and doing stuff but unable to access user Alice’s files, and user Alice can be doing stuff and even running the same programs that user Bob is running (since it’s read only there’s no conflict) and then the administrator can log in as root to install something because they got a ticket to install suchandsuch for soandso.
Back to your point with sudo, sudo is Super User Do, so you are running a single command as root. By running it as root you can potentially be messing with what Alice and Bob might be doing, and most importantly whatever you are running with sudo can potentially affect any file on the computer. So if you run the classic rm -rf / it will delete every file that the user has write access to, so if Bob runs it it’ll delete all of /home/bob/ but Alice will be unaffected, and the admin can still log in as root to do stuff.
If you host a website you’ll generally take advantage of this by giving the www folder read-only access so that web users can only see webpages and can’t start reading random system files, or for server software you can create a dedicated user to run that server software as, so if someone were to somehow exploit a vulnerability and gain access to that server user they can only mess up the software and no system files.
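The owner/group/other model the comment above describes, as an added example (not code from the thread): a small model of the Unix discretionary access check run over a constructed sample tree with root, Alice, Bob and a dedicated web-server account, showing what an `rm -rf /` by each user could actually remove. The tree, uids and the `www` account are constructed for the example.

```python
# Added example (not from the thread): a model of the classic Unix owner/group/other
# check that the comment above describes, run over a constructed sample tree.
ROOT, ALICE, BOB, WWW = (0, 0), (1000, 1000), (1001, 1001), (33, 33)  # (uid, gid); WWW = dedicated web-server account

# Constructed sample tree, not read from a real disk: path -> (owner uid, gid, mode bits).
# Directories carry a trailing "/". System paths belong to root, each home to its user,
# /bin is world-readable and executable, /var/www is readable but writable only by root.
FS = {
    "/": (0, 0, 0o755), "/etc/": (0, 0, 0o755), "/bin/": (0, 0, 0o755),
    "/home/": (0, 0, 0o755), "/var/": (0, 0, 0o755), "/var/www/": (0, 0, 0o755),
    "/etc/passwd": (0, 0, 0o644), "/etc/shadow": (0, 0, 0o640), "/bin/bash": (0, 0, 0o755),
    "/home/alice/": (1000, 1000, 0o700), "/home/alice/notes": (1000, 1000, 0o600),
    "/home/bob/": (1001, 1001, 0o700), "/home/bob/notes": (1001, 1001, 0o600),
    "/var/www/index.html": (0, 0, 0o644),
}

def permitted(user, path, want):
    """Discretionary access check for want in {"r", "w", "x"}.
    root bypasses read/write and directory search (CAP_DAC_OVERRIDE / CAP_DAC_READ_SEARCH),
    but to execute a *file* even root needs at least one x bit set."""
    uid, gid = user
    owner, group, mode = FS[path]
    if uid == 0:
        return want != "x" or path.endswith("/") or bool(mode & 0o111)
    shift = 6 if uid == owner else 3 if gid == group else 0
    return bool((mode >> shift) & {"r": 4, "w": 2, "x": 1}[want])

def parent(path):
    stripped = path.rstrip("/")
    return stripped[: stripped.rfind("/") + 1] or "/"

def rm_rf_would_delete(user):
    """Paths an `rm -rf /` run by this user could actually unlink. Unlinking needs
    write+search on the parent directory (the entry's own mode does not matter), and
    every ancestor must be searchable to reach it. Sticky bits and ACLs are ignored."""
    victims = []
    for path in FS:
        if path == "/":
            continue
        ancestors = [parent(path)]
        while ancestors[-1] != "/":
            ancestors.append(parent(ancestors[-1]))
        if all(permitted(user, a, "x") for a in ancestors) and permitted(user, ancestors[0], "w"):
            victims.append(path)
    return sorted(victims)

if __name__ == "__main__":
    for name, u in [("bob", BOB), ("www", WWW), ("root", ROOT)]:
        print(f"rm -rf / as {name} would remove: {rm_rf_would_delete(u)}")
```

Note the refinement over "every file the user has write access to": unlinking is decided by write permission on the parent directory, so Bob loses the contents of /home/bob/ but the directory itself (inside root-owned /home/) survives, and the www account, which can read /var/www/ but write nowhere, removes nothing.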
You’re not supposed to “sudo everything” though. It’s mostly for changing the system configuration (editing config files in /etc/, running your system package manager etc.). It shouldn’t be a “oh, I got a permission error, better sudo the same command again lol”.
We are human and make mistakes. Not running as root means the computer will ask us to confirm when we are about to do something major (like a software update, or formatting a partition). This reduces the chance of making big mistakes. (But I don’t see why VLC shouldn’t be able to run as root, if the user so desires.)
(But I don’t see why VLC shouldn’t be able to run as root, if the user so desires.)
You don’t run VLC as root because you don’t especially trust that build of VLC.
We don’t run random stuff as root because it’s a stupid risk. We try to only take necessary risks. Risks that make things easier. Running random programs as root gains you nothing and causes annoyance in that you need to fix permissions on its configuration files if you want to run it as a user.
There is nothing stopping you though if you want to set up a Linux machine where you log in as root, run a desktop environment as root, run apps as root. You’re unlikely to be taking an unreasonable risk as a home user.
“I shouldn’t have to use permissions or sudo, just all root all the time”
Real superusers allow every program and service to run as root.
“Real Men Run As Root”
https://www.garyshood.com/root/
What is the reason we don’t run as root?
Because you might accidentally do something which breaks the system, or you might run a program which does something malicious without your knowledge.
By gating dangerous (or protected for any other reason) commands behind sudo, you create a barrier which is difficult to accidentally cross.