New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Typo, wrong command, accident paste, running broken scripts, etc.
Assume you are running Apache. There is now a security vulnerability in Apache and an attacker can spawn a remote shell. If Apache runs as the apache user the shell will also run as the apache user which means that the attacker can't do much damage other than destroying Apache.
However if Apache runs as root the attacker gets a root shell and basically controlls the whole server.
Well that's why Windows is so unsafe, pretty much everything runs as admin so there's no real way of protecting the system.
You're thinking of Windows XP.
Vista onwards requires you to accept a 'User Account Control' dialog (and authentication if not an administrative user) each time you attempt to run an elevated task (eg program installs, system setting changes etc)
And windows 7, but I find UAC extremely annoying and I know what to run...
People always disable it (me) or people who don't know how to or just are to lazy to disable it, they always just click yes, whatever it may be.
Anyways,
Not running things as root is insecure because if there would be an exploit in some software where you can execute commands, they're only in a limited (non administrator) shell, where they basicly can't do shit, except from forkbombing the server or dos from the server, but that will only cause a bit of downtime from a limited shell and that won't harm your server... However, if you run things as root, they will have full access to every single file on your system, which means they can wipe your server and all sorts of stuff.
It's just for security that there's a less big chance you server will get destroyed,
Which most people either disable, or are trained to always click yes (either explicitly or through having to do it so often).
Vista onwards requires you to accept a 'User Account Control' dialog (and authentication if not an administrative user) each time you attempt to run an elevated task (eg program installs, system setting changes etc)
The average user always clicks yes.
I still use XP tho'.
@Bogdacutuu
That is plain wrong. If someone runs a service as 'administrator' thats because that person is LAZY or ignorant.
Same reason that some run services as root under Linux.
you should never ( and its not needed ) to run a service as 'administrator'.
It all comes down to security settings when it is installed.
Congratulations, you've just described most Windows users.
UAC is the same thing as when running ubuntu (example) and you need to install something you need to enter your password again.
@NickM
I described any user, it doesn't matter what OS
+1
Incorrect. Same for Linux users. Ubuntu asks you for your password every single time as well.
sudo is like Windows's UAC.. Even though sudo existed before UAC afaik
@xBytez
True, MS got complaints about everyone running as addministrators, MS added UAC (like sudo) and people started to complain about this aswell.
Not to mention, a lot of software companies will tell the end user to run the software as administrator.