moko running everything as root

arne anka openmoko at
Sat Jun 14 10:25:12 CEST 2008

> will tell you that having those kind of permissions systems when the
> INTRUDER has physical access to the device is next to pointless.

the om is connected via wlan or bluetooth -- thus allowing hacking into it
(if it is not possible right now it will be some day).
thus the user does not necessarily notice if there's an intruder.
second: what ways are there to boot the om _without_ destroying all data? if you
need to hack the password for the root account to be able to manipulate
existing data, there's another fence to jump.

> What benefit does having things like OPKG SUID give us that having
> opkg run as root doesn't?

only opkg is run, not everything possible.
logging in as root opens a world of ways to harm your data, either by
accident or deliberately.
exploiting suid requires a bug in the program suid'd.

> User "John" running sudo rm -rf /* is better than root running "rm -rf
> /*" because...?

see above.
you can configure which commands/programs may be run with sudo.
and user john is not every user -- a user able to run sudo needs to belong
to a specific group, configurable as well.

> If you want security, unprivileged users must NOT
> EVER be able to run privileged commands.

see above.

> have various roles. This assumption doesn't exactly hold when the
> entire filesystem is small enough to be put in one's pocket.

the om represents a device more powerful than the computer linux was
developed on.

i am not sure i understand you correctly, but to me it sounds like you are
saying user/group separation is meaningful for servers only (and only
because physical access can be prevented); for end user computers, laptops
specifically, it is a waste.
if so, you are pretty much alone with this understanding.

what bothers me: as far as i understand, the vast majority of applications
are ported from existing linux distributions or just recompiled -- so, why
would one disable the user/group principle the apps obey on their native
ubuntu? for one, it works rather well with that wheel/sudo way, and even on
non-ubuntu systems users are able "to run a lot of root applications such
as rdate, power off, opkg, etc." w/o being root all the time.
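The wheel/sudo delegation the poster describes, as an added example that is not part of the original mail or of the OpenMoko project: a small Python model of a sudoers fragment in which only members of a group may run a fixed list of programs as root. The sudoers text, the group membership table and the program paths are all constructed for the example; the evaluator implements only the `%group ALL=(root) /cmd, /cmd` form and exact program-path matching, not the full sudoers grammar.

```python
"""
Toy evaluator for a sudoers-style policy (constructed example, not sudo itself).
It models the point made in the mail: delegating a short list of root
programs to one group is not the same as letting everyone run everything.
"""

# Constructed /etc/sudoers fragment (hypothetical paths): only members of
# 'wheel' may run these three programs as root, and nothing else.
SUDOERS = """
# hypothetical sudoers fragment for the device
%wheel  ALL=(root) /usr/bin/opkg, /usr/bin/rdate, /sbin/poweroff
"""

# Constructed account database: user -> set of group names.
# 'john' is in wheel; 'mallory' is an ordinary user.
GROUPS = {
    "john": {"john", "wheel"},
    "mallory": {"mallory"},
}


def parse_sudoers(text):
    """Return {group: [allowed program paths]} from the simplified fragment.

    Only lines of the form '%group ALL=(root) /a, /b' are understood;
    comments and blank lines are skipped.
    """
    policy = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or not line.startswith("%"):
            continue
        who, spec = line.split(None, 1)
        # spec looks like 'ALL=(root) /cmd1, /cmd2'; keep the command list
        _, cmds = spec.split(")", 1)
        policy[who[1:]] = [c.strip() for c in cmds.split(",") if c.strip()]
    return policy


def may_run(user, command, policy=None, groups=GROUPS):
    """True if `user` belongs to a group whose rule lists the program.

    Matching is on the program path only (first word of `command`); as in
    real sudo, a rule that lists no arguments allows any arguments, which is
    why one should delegate narrow tools rather than general-purpose ones.
    """
    if policy is None:
        policy = parse_sudoers(SUDOERS)
    prog = command.split()[0]
    for g in groups.get(user, ()):
        if prog in policy.get(g, []):
            return True
    return False


if __name__ == "__main__":
    for user, cmd in [
        ("john", "/usr/bin/opkg install foo"),
        ("john", "/bin/rm -rf /*"),
        ("mallory", "/usr/bin/opkg install foo"),
    ]:
        verdict = "allowed" if may_run(user, cmd) else "denied"
        print(f"{user:8} {cmd:28} {verdict}")
```

Running the block shows `john` allowed to run opkg but denied `/bin/rm`, and `mallory` denied opkg because she is not in `wheel`: the group decides who may escalate, and the command list decides to what.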
