Professional Web Applications Themes

Unix base of Mac OS X - root access and non-working links - Mac Applications & Software

Removed by Administrator...

  1. Moderated Post

    Default Unix base of Mac OS X - root access and non-working links

    Removed by Administrator
    Marco Constante Pereira Guest
    Moderated Post

  2. Moderated Post

    Default Re: Unix base of Mac OS X - root access and non-working links

    Removed by Administrator
    Dave Seaman Guest
    Moderated Post

  3. Moderated Post

    Default Re: Unix base of Mac OS X - root access and non-working links

    Removed by Administrator
    fishfry Guest
    Moderated Post

  4. #4

    Default Re: Unix base of Mac OS X - root access and non-working links

    Marco Constante Pereira wrote:
    > Hi,
    >
    > I'm a linux user that migrated to mac recently.
    >
    > How do I gain root access in the terminal?
    sudo passwd root

    The first "Password:" is the one which authorizes you access to sudo -
    your existing admin's password.

    hth

    from the sonic domain of the net TLD, with username gw2.

    "...a typical American production, with guns and special effects."
    -Tariq Aziz
    Braxton Burrsaddle Guest

  5. #5

    Default Re: Unix base of Mac OS X - root access and non-working links

    fishfry <fishfryyour-mailbox.com> wrote in message news:<fishfry-06A1DB.13123715072003netnews.attbi.com>...
    > In article <20030715190604131+0100news.up.pt>,
    > Marco Constante Pereira <mconstantegmx.net> wrote:
    >
    > > Hi,
    > >
    > > I'm a linux user that migrated to mac recently.
    > >
    > > How do I gain root access in the terminal? - I wish to install *nix apps
    > > under /usr and /local; I also wish to change things in /etc (sh profiles,
    > > for instance)
    > >
    > > I tried to create a user with 'shor name' root but Mac OS does'nt allow
    > > it.
    > >
    >
    > Use Netinfo Manager and look for a menu option "enable root user."
    While this will work, it is not a recommended approach. You have the
    same amount of power using sudo -s, or sudo sh. However you do not
    leave a security hole (albeit a small one) - by enabling the root
    user, anyone who might happen to want to break into your computer
    knows the name of at least one account, and they know it has full
    privileges for your computer, if you disable it, they have to somehow
    get, a. a login name, b. one that is an administrator and c. a
    password for it.

    Bob
    Beelsebob Guest

  6. #6

    Default Re: Unix base of Mac OS X - root access and non-working links

    On 7/16/2003 2:45 AM, Beelsebob wrote:
    > Braxton Burrsaddle <nothere.invalid> wrote in message news:<Wl2Ra.2154$dk4.112738typhoon.sonic.net>...
    >
    >>Marco Constante Pereira wrote:
    >>
    >>
    >>>Hi,
    >>>
    >>>I'm a linux user that migrated to mac recently.
    >>>
    >>>How do I gain root access in the terminal?
    >>
    >>sudo passwd root
    >>
    >>The first "Password:" is the one which authorizes you access to sudo -
    >>your existing admin's password.
    >
    >
    > Not necessary, just use sudo for everything.
    >
    > Bob
    For those of us that spend lots of time as "root", using 'sudo' for
    everything becomes painful very quickly. 'su -' is a good thing.

    Michael Rice Guest

  7. #7

    Default Re: Unix base of Mac OS X - root access and non-working links

    Michael Rice wrote:
    > On 7/16/2003 2:45 AM, Beelsebob wrote:
    >
    >> Not necessary, just use sudo for everything.
    >
    > For those of us that spend lots of time as "root", using 'sudo' for
    > everything becomes painful very quickly. 'su -' is a good thing.
    How is 'su -' any less painful than 'sudo bash' (or whatever shell
    you want to use)? I am a full time Solaris admin and I never log in
    as root on machines where sudo is available - root account is only
    there to boot single user. The default config in Mac OS X is IMHO as
    it should be - even for Unix geeks. I have followed the arguments
    in various groups and I can still see no valid reason to activate
    the root account.

    --
    Ian Gregory
    Systems and Applications Manager
    Learning and Information Services
    University of Hertfordshire
    Ian Gregory Guest

  8. #8

    Default Re: Unix base of Mac OS X - root access and non-working links

    On 7/16/2003 7:46 AM, Ian Gregory wrote:
    > Michael Rice wrote:
    >
    >>On 7/16/2003 2:45 AM, Beelsebob wrote:
    >>
    >>
    >>>Not necessary, just use sudo for everything.
    >>
    >>For those of us that spend lots of time as "root", using 'sudo' for
    >>everything becomes painful very quickly. 'su -' is a good thing.
    >
    >
    > How is 'su -' any less painful than 'sudo bash' (or whatever shell
    > you want to use)? I am a full time Solaris admin and I never log in
    > as root on machines where sudo is available - root account is only
    > there to boot single user. The default config in Mac OS X is IMHO as
    > it should be - even for Unix geeks. I have followed the arguments
    > in various groups and I can still see no valid reason to activate
    > the root account.
    >
    If you 'sudo' a shell, then the "pain" level is the same. However,
    'sudo bash' and 'su -' are not equivalent. The former does not create a
    login shell using the root account. For me, when I'm doing system-level
    activities, I prefer to use the "root" user's environment, including
    path, umask, etc.

    Maybe it's just a matter of preference. Are there reasons *not* to
    activate the root account?

    Michael Rice Guest

  9. #9

    Default Re: Unix base of Mac OS X - root access and non-working links

    In article <vhal2p7q1i16abcorp.supernews.com>,
    Michael Rice <maricewhiteice.com> wrote:
    > On 7/16/2003 7:46 AM, Ian Gregory wrote:
    > > Michael Rice wrote:
    > >
    > >>On 7/16/2003 2:45 AM, Beelsebob wrote:
    > >>
    > >>
    > >>>Not necessary, just use sudo for everything.
    > >>
    > >>For those of us that spend lots of time as "root", using 'sudo' for
    > >>everything becomes painful very quickly. 'su -' is a good thing.
    > >
    > >
    > > How is 'su -' any less painful than 'sudo bash' (or whatever shell
    > > you want to use)? I am a full time Solaris admin and I never log in
    > > as root on machines where sudo is available - root account is only
    > > there to boot single user. The default config in Mac OS X is IMHO as
    > > it should be - even for Unix geeks. I have followed the arguments
    > > in various groups and I can still see no valid reason to activate
    > > the root account.
    > >
    >
    > If you 'sudo' a shell, then the "pain" level is the same. However,
    > 'sudo bash' and 'su -' are not equivalent. The former does not create a
    > login shell using the root account. For me, when I'm doing system-level
    > activities, I prefer to use the "root" user's environment, including
    > path, umask, etc.
    True, but 'sudo su -' will get you a root login shell without activating
    the root account.
    >
    > Maybe it's just a matter of preference. Are there reasons *not* to
    > activate the root account?
    >
    From what I've seen in these groups, it's a (minor) issue of security.
    Some are of the opinion that since the name of the root user is known, a
    would-be cracker only has to guess the password, whereas, if the root is
    not enabled, the pretender has to guess both the administrator's name
    and password.

    --
    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Stiller Guest

  10. #10

    Default Re: Unix base of Mac OS X - root access and non-working links

    Ian Gregory <i.h.gregoryherts.ac.uk> wrote:
    > Michael Rice wrote:
    >> On 7/16/2003 2:45 AM, Beelsebob wrote:
    >>
    >>> Not necessary, just use sudo for everything.
    >>
    >> For those of us that spend lots of time as "root", using 'sudo' for
    >> everything becomes painful very quickly. 'su -' is a good thing.
    >
    > How is 'su -' any less painful than 'sudo bash' (or whatever shell
    > you want to use)? I am a full time Solaris admin and I never log in
    > as root on machines where sudo is available - root account is only
    > there to boot single user. The default config in Mac OS X is IMHO as
    > it should be - even for Unix geeks. I have followed the arguments
    > in various groups and I can still see no valid reason to activate
    > the root account.
    >
    There essentially is no valid reason - use sudo for the occasional
    command, or sudo -s for a string of commands.
    Steve Lidie Guest

  11. #11

    Default Re: Unix base of Mac OS X - root access and non-working links

    Michael Rice <maricewhiteice.com> wrote in comp.sys.mac.system:
    > On 7/16/2003 7:46 AM, Ian Gregory wrote:
    > > Michael Rice wrote:
    > >
    > >>On 7/16/2003 2:45 AM, Beelsebob wrote:
    > >>
    > >>
    > >>>Not necessary, just use sudo for everything.
    > >>
    > >>For those of us that spend lots of time as "root", using 'sudo' for
    > >>everything becomes painful very quickly. 'su -' is a good thing.
    > >
    > >
    > > How is 'su -' any less painful than 'sudo bash' (or whatever shell
    > > you want to use)? I am a full time Solaris admin and I never log in
    > > as root on machines where sudo is available - root account is only
    > > there to boot single user. The default config in Mac OS X is IMHO as
    > > it should be - even for Unix geeks. I have followed the arguments
    > > in various groups and I can still see no valid reason to activate
    > > the root account.
    > >
    >
    > If you 'sudo' a shell, then the "pain" level is the same. However,
    > 'sudo bash' and 'su -' are not equivalent. The former does not create a
    > login shell using the root account. For me, when I'm doing system-level
    > activities, I prefer to use the "root" user's environment, including
    > path, umask, etc.
    >
    > Maybe it's just a matter of preference. Are there reasons *not* to
    > activate the root account?
    As has been mentioned elsewhere in this(?) thread, if there is no
    root password, the root password cannot be cracked. A root account
    (under the name of "root") is one account whose user name is known
    to an attacker. You could of course call uid 0 "radix" and use that.

    The again, few attacks seem to be based on guessing root's password,
    it's usually easier to make an existing root process Do Things. So
    the point is probably no quite as important as it is made out to be.

    Anno
    Anno Siegel Guest

  12. #12

    Default Re: Unix base of Mac OS X - root access and non-working links

    Michael Rice wrote:
    > On 7/16/2003 7:46 AM, Ian Gregory wrote:
    >> Michael Rice wrote:
    >>
    >>>On 7/16/2003 2:45 AM, Beelsebob wrote:
    >>>
    >>>
    >>>>Not necessary, just use sudo for everything.
    >>>
    >>>For those of us that spend lots of time as "root", using 'sudo' for
    >>>everything becomes painful very quickly. 'su -' is a good thing.
    >>
    >>
    >> How is 'su -' any less painful than 'sudo bash' (or whatever shell
    >> you want to use)? I am a full time Solaris admin and I never log in
    >> as root on machines where sudo is available - root account is only
    >> there to boot single user. The default config in Mac OS X is IMHO as
    >> it should be - even for Unix geeks. I have followed the arguments
    >> in various groups and I can still see no valid reason to activate
    >> the root account.
    >>
    >
    > If you 'sudo' a shell, then the "pain" level is the same. However,
    > 'sudo bash' and 'su -' are not equivalent.
    True, and perhaps there are reasons to use the full root environment.
    I prefer to use my own environment which I set up with the intention
    of using it both as a regular user and with UID 0 (sudo does some
    default sanitation of the environment for you).
    > Maybe it's just a matter of preference. Are there reasons *not* to
    > activate the root account?
    Some followups have suggested it is a bad idea to have an active
    account with a known username (root) but to me that seems like
    security through obscurity.

    A good basic principle is to make sure that no one can gain access
    to the machine without entering a password that is known *only* to
    them. If you have multiple admins then you don't really want them
    to be able to log in directly as root but if you are the only user
    then it doesn't really matter. I like the default Mac OS X setup
    and for me there is no point activating the root account because
    I would never want to use it.

    --
    Ian Gregory
    Systems and Apllications Manager
    Learning and Information Services
    University of Hertfordshire
    Ian Gregory Guest

  13. #13

    Default Re: Unix base of Mac OS X - root access and non-working links

    On 7/16/2003 9:42 AM, Steve Lidie wrote:
    > Ian Gregory <i.h.gregoryherts.ac.uk> wrote:
    >
    >>Michael Rice wrote:
    >>
    >>>On 7/16/2003 2:45 AM, Beelsebob wrote:
    >>>
    >>>
    >>>>Not necessary, just use sudo for everything.
    >>>
    >>>For those of us that spend lots of time as "root", using 'sudo' for
    >>>everything becomes painful very quickly. 'su -' is a good thing.
    >>
    >>How is 'su -' any less painful than 'sudo bash' (or whatever shell
    >>you want to use)? I am a full time Solaris admin and I never log in
    >>as root on machines where sudo is available - root account is only
    >>there to boot single user. The default config in Mac OS X is IMHO as
    >>it should be - even for Unix geeks. I have followed the arguments
    >>in various groups and I can still see no valid reason to activate
    >>the root account.
    >>
    >
    >
    > There essentially is no valid reason - use sudo for the occasional
    > command, or sudo -s for a string of commands.
    A "valid" reason (other than preference) not to use 'sudo', is that once
    you 'sudo', it seems to leave the Terminal app in an "authorized" state
    - even if you quit and restart it. In other words, you don't have to
    provide a password for subsequent 'sudo' commands. In order to "clear"
    that state, I have to logout. Whereas, if I use 'su', I know that once
    I 'exit', I'm back to my normal user account and any subsequent 'su'
    will require reauthorization.

    I'm a very new Mac user, so maybe it's just a setting I have
    misconfigured somewhere. If not, then that seems like a big security
    hole to me.

    Michael Rice Guest

  14. #14

    Default Re: Unix base of Mac OS X - root access and non-working links

    compuser <compusercompuser.net> wrote in message news:<compuser-62B80E.21594116072003corp.supernews.com>...
    > In article <vhc99g1a1nrj67corp.supernews.com>, Michael Rice <maricewhiteice.com> wrote:
    >
    > > On 7/16/2003 9:42 AM, Steve Lidie wrote:
    > > > Ian Gregory <i.h.gregoryherts.ac.uk> wrote:
    > > >
    > > >>Michael Rice wrote:
    > > >>
    > > >>>On 7/16/2003 2:45 AM, Beelsebob wrote:
    > > >>>
    > > >>>
    > > >>>>Not necessary, just use sudo for everything.
    > > >>>
    > > >>>For those of us that spend lots of time as "root", using 'sudo' for
    > > >>>everything becomes painful very quickly. 'su -' is a good thing.
    > > >>
    > > >>How is 'su -' any less painful than 'sudo bash' (or whatever shell
    > > >>you want to use)? I am a full time Solaris admin and I never log in
    > > >>as root on machines where sudo is available - root account is only
    > > >>there to boot single user. The default config in Mac OS X is IMHO as
    > > >>it should be - even for Unix geeks. I have followed the arguments
    > > >>in various groups and I can still see no valid reason to activate
    > > >>the root account.
    > > >>
    > > >
    > > >
    > > > There essentially is no valid reason - use sudo for the occasional
    > > > command, or sudo -s for a string of commands.
    > >
    > > A "valid" reason (other than preference) not to use 'sudo', is that once
    > > you 'sudo', it seems to leave the Terminal app in an "authorized" state
    > > - even if you quit and restart it. In other words, you don't have to
    > > provide a password for subsequent 'sudo' commands. In order to "clear"
    > > that state, I have to logout. Whereas, if I use 'su', I know that once
    > > I 'exit', I'm back to my normal user account and any subsequent 'su'
    > > will require reauthorization.
    > >
    > > I'm a very new Mac user, so maybe it's just a setting I have
    > > misconfigured somewhere. If not, then that seems like a big security
    > > hole to me.
    > >
    >
    > I believe it remains in that state for 5 minutes IIRC
    You can change the time, I think on Macs the default is 15 minutes,
    also you can use sudo -k to lock it down again.

    Bob
    Beelsebob Guest

  15. #15

    Default Re: Unix base of Mac OS X - root access and non-working links

    In article <vhc99g1a1nrj67corp.supernews.com>,
    Michael Rice <maricewhiteice.com> wrote:
    > On 7/16/2003 9:42 AM, Steve Lidie wrote:
    > > Ian Gregory <i.h.gregoryherts.ac.uk> wrote:
    > >
    > >>Michael Rice wrote:
    > >>
    > >>>On 7/16/2003 2:45 AM, Beelsebob wrote:
    > >>>
    > >>>
    > >>>>Not necessary, just use sudo for everything.
    > >>>
    > >>>For those of us that spend lots of time as "root", using 'sudo' for
    > >>>everything becomes painful very quickly. 'su -' is a good thing.
    > >>
    > >>How is 'su -' any less painful than 'sudo bash' (or whatever shell
    > >>you want to use)? I am a full time Solaris admin and I never log in
    > >>as root on machines where sudo is available - root account is only
    > >>there to boot single user. The default config in Mac OS X is IMHO as
    > >>it should be - even for Unix geeks. I have followed the arguments
    > >>in various groups and I can still see no valid reason to activate
    > >>the root account.
    > >>
    > >
    > >
    > > There essentially is no valid reason - use sudo for the occasional
    > > command, or sudo -s for a string of commands.
    >
    > A "valid" reason (other than preference) not to use 'sudo', is that once
    > you 'sudo', it seems to leave the Terminal app in an "authorized" state
    > - even if you quit and restart it. In other words, you don't have to
    > provide a password for subsequent 'sudo' commands. In order to "clear"
    > that state, I have to logout. Whereas, if I use 'su', I know that once
    > I 'exit', I'm back to my normal user account and any subsequent 'su'
    > will require reauthorization.
    From the sudo man page:
    Once a user has been authenticated, a timestamp is updated and the
    user may then use sudo without a password for a short period of time
    (5 minutes unless overridden in sudoers).
    >
    > I'm a very new Mac user, so maybe it's just a setting I have
    > misconfigured somewhere. If not, then that seems like a big security
    > hole to me.
    >
    --
    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Stiller Guest

  16. #16

    Default Re: Unix base of Mac OS X - root access and non-working links

    Tom Stiller <tomstillercomcast.net> wrote in comp.sys.mac.system:

    [...]
    > From the sudo man page:
    > Once a user has been authenticated, a timestamp is updated and the
    > user may then use sudo without a password for a short period of time
    > (5 minutes unless overridden in sudoers).
    ....and if someone sneaks in during those five minutes you get to solve
    a sudunnit.

    Anno
    Anno Siegel Guest

  17. #17

    Default Re: Unix base of Mac OS X - root access and non-working links

    In article <bf604n$i0d$1mamenchi.zrz.TU-Berlin.DE>, Anno Siegel wrote:
    >> (5 minutes unless overridden in sudoers).
    >
    > ...and if someone sneaks in during those five minutes you get to solve
    > a sudunnit.
    Hello? "Unless overriden in sudoers". For example if you set the
    timestamp_timeout to 0 sudo will always prompt for a password.

    You can also invalidate/remove your current timestamp via 'sudo -k' or
    'sudo -K'.

    Users who don't know this kind of thing, or at least enough to know to
    read the man pages, shouldn't be using sudo at all, and _really_
    shouldn't enable the root account for login...







    tristero Guest

  18. #18

    Default Re: Unix base of Mac OS X - root access and non-working links

    tristero <tristerowaste.net> wrote in comp.sys.mac.system:
    > In article <bf604n$i0d$1mamenchi.zrz.TU-Berlin.DE>, Anno Siegel wrote:
    > >> (5 minutes unless overridden in sudoers).
    > >
    > > ...and if someone sneaks in during those five minutes you get to solve
    > > a sudunnit.
    >
    > Hello? "Unless overriden in sudoers". For example if you set the
    > timestamp_timeout to 0 sudo will always prompt for a password.
    It was suppsed to be a joke. I'm aware that sudo can be configured to
    bits if you want to.

    Anno
    Anno Siegel Guest

  19. #19

    Default Re: Unix base of Mac OS X - root access and non-working links

    Anno Siegel <anno4000lublin.zrz.tu-berlin.de> wrote:
    > tristero <tristerowaste.net> wrote in comp.sys.mac.system:
    >> In article <bf604n$i0d$1mamenchi.zrz.TU-Berlin.DE>, Anno Siegel wrote:
    >> >> (5 minutes unless overridden in sudoers).
    >> >
    >> > ...and if someone sneaks in during those five minutes you get to solve
    >> > a sudunnit.
    >>
    >> Hello? "Unless overriden in sudoers". For example if you set the
    >> timestamp_timeout to 0 sudo will always prompt for a password.
    >
    > It was suppsed to be a joke. I'm aware that sudo can be configured to
    > bits if you want to.
    >
    (;

    And it just common sense that all accounts have the password-required
    screen saver enabled. I use the top-right hot corner. So even if the
    sudo 5 minute grace period hasn't expired, when I walk away from the
    machine I always lock it.

    Steve Lidie Guest

  20. #20

    Default Re: Unix base of Mac OS X - root access and non-working links

    Steve Lidie wrote:
    > screen saver enabled. I use the top-right hot corner. So even if the
    > sudo 5 minute grace period hasn't expired, when I walk away from the
    > machine I always lock it.
    If an admin account is logged in, I always lock the screen.

    Like father, like son: "I wonder what would happen..."

    Wesley Groleau Guest

Similar Threads

  1. site root links
    By elhz in forum Macromedia Contribute General Discussion
    Replies: 0
    Last Post: February 9th, 08:27 PM
  2. RDS under unix and Root
    By sammyishere in forum Coldfusion Server Administration
    Replies: 0
    Last Post: January 4th, 07:50 PM
  3. site root relative links
    By Tommy Thomson in forum Macromedia Contribute General Discussion
    Replies: 6
    Last Post: March 14th, 05:48 PM
  4. Data base Links on my Pc but not on server
    By AutumnFire in forum Macromedia Flash Data Integration
    Replies: 1
    Last Post: December 6th, 11:40 PM
  5. Unix root password
    By mrounds in forum Linux / Unix Administration
    Replies: 1
    Last Post: January 30th, 03:04 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139