Professional Web Applications Themes

why do i need to reauthenticate as root if i'm logged in as root already? - Mac Applications & Software

Question for OS X gurus...just curious, and I'm sure there probably is a good reason for this, but I can't think of one...recently I was installing some software on some of our lab macs, and I was logged in as root at the time. Upon launching the installer, I was prompted to authenticate myself as someone with the appropriate privileges....even though I was already logged in as root? Why? I simply re-entered my root password and was able to complete the install, but this seems to be a redundant step. Is there a reason why root would need to reauthenticate, ...

  1. #1

    Default why do i need to reauthenticate as root if i'm logged in as root already?

    Question for OS X gurus...just curious, and I'm sure there probably is
    a good reason for this, but I can't think of one...recently I was
    installing some software on some of our lab macs, and I was logged in
    as root at the time. Upon launching the installer, I was prompted to
    authenticate myself as someone with the appropriate privileges....even
    though I was already logged in as root? Why? I simply re-entered my
    root password and was able to complete the install, but this seems to
    be a redundant step. Is there a reason why root would need to
    reauthenticate, simply to install software on the local machine?

    Dave
    D. Guest

  2. #2

    Default Re: why do i need to reauthenticate as root if i'm logged in as root already?

    D. Fox <com> wrote:
     

    To make sure you really wanted to do that, and it's not one of those
    idiotic worm thingies the Windows people have to put up with on a
    daily basis.

    --
    Jeremy | com
    Jeremy Guest

  3. #3

    Default Re: why do i need to reauthenticate as root if i'm logged in as root already?

    In article <gunslinger.net>,
    Jeremy <com> wrote:
     
    >
    > To make sure you really wanted to do that, and it's not one of those
    > idiotic worm thingies the Windows people have to put up with on a
    > daily basis.[/ref]

    Okay, so this brings up another question: Can an installer put things in
    protected folders when you are logged in as an admin say (or perhaps
    root) without being authenticated? E.g. is the authentication just up to
    the installer, or is it required by the OS?

    --
    James Meiss
    <http://amath.colorado.edu/faculty/jdm>
    James Guest

  4. #4

    Default Re: why do i need to reauthenticate as root if i'm logged in as root already?

    James Meiss <invalid> wrote:
     

    It's definitely not required by the OS at the low level. It's just an
    added level of protection from the higher-level frameworks.

    You can't really provide effective security on a computer where the user
    insists upon logging in as root, which is something you should never do.

    Unfortunately, the usual case, where the user logs in as an admin, isn't
    great either -- if you install software by dragging it to the Applications
    folder, it ends up with unsafe permissions, which really can only be fixed
    effectively from the command line. But at least the System stuff is (or
    should be) safe.

    --
    Jeremy | com
    Jeremy Guest

  5. #5

    Default Re: why do i need to reauthenticate as root if i'm logged in as root already?

    In article <colorado.edu>,
    James Meiss <invalid> wrote:
     
    > >
    > > To make sure you really wanted to do that, and it's not one of those
    > > idiotic worm thingies the Windows people have to put up with on a
    > > daily basis.[/ref]
    >
    > Okay, so this brings up another question: Can an installer put things in
    > protected folders when you are logged in as an admin say (or perhaps
    > root) without being authenticated? E.g. is the authentication just up to
    > the installer, or is it required by the OS?[/ref]

    Yes.

    When someone creates an installer, they can choose whether to require
    authentication. In general, if someone's logged in as root, then the
    installer can put any file anywhere without additional authentication.
    However from the point of view of the person creating the installer,
    it's a really bad idea to make any assumptions about what privileges are
    available. So if the installer is going to affect privileged locations,
    it's going to ask you to authenticate.

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See http://www.atomicbird.com/
    Tom Guest

  6. #6

    Default Re: why do i need to reauthenticate as root if i'm logged in as root already?

    In article <google.com>, D. Fox wrote: 

    To prevent someone who's not you from installing software when you go
    to the restroom and forget to lock the screen (and the door). Pretty
    basic security stuff really.





    tristero Guest

  7. #7

    Default Re: why do i need to reauthenticate as root if i'm logged in as root already?

    In article <google.com>,
    com (D. Fox) wrote:
     

    Hmmm, I remember thinking how cute, must've back about 10.1.x
    I had logged in as root (wasn't up to speed with su, sudo ;-)
    and an Installer just flicked thru, it knew I was root.

    Mebbe they've tightened up on that one...
    Peter Guest

  8. #8

    Default Re: why do i need to reauthenticate as root if i'm logged in as

    In article <google.com>,
    com (D. Fox) wrote:
     

    Because Mac OS X doesn't think you're logged-in as root.
    Because you can't log in to the GUI as root unless you do
    some very weird things. And if you're clever enough to
    know these weird things, you're assumed to be clever
    enough to think through the implications of what you're
    doing.

    Mac OS X is not intended to have a root user logged-in.
    Stop doing that and your problems will go away. The root
    user is too powerful to use casually.


    Simon Guest

Similar Threads

  1. ExpandPath evaluates to ColdFusion root instead ofvirtual web server root
    By _Tian_ in forum Coldfusion Server Administration
    Replies: 0
    Last Post: April 7th, 11:54 PM
  2. Web content root ?= CF application root?
    By cjeris in forum Coldfusion Server Administration
    Replies: 0
    Last Post: May 9th, 07:46 PM
  3. su from root
    By Doug Hardie in forum FreeBSD
    Replies: 0
    Last Post: February 26th, 10:59 PM
  4. Doent root not website root
    By jpb in forum PHP Development
    Replies: 2
    Last Post: October 27th, 05:26 PM
  5. Replies: 2
    Last Post: September 25th, 01:15 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139