Becoming root with su


Becoming root with su

Becoming root, assuming that you know the root password, is really quite easy. To do so, you just apply the su command (introduced in the Changing Your Identity with su section of (Chapter 3), where you change to the root identity (Code Listing 16.3).

Once again, we'll say: Being root on a Unix system carries with it a lot of responsibility. First, you must be extraordinarily careful about what you type and where you type it. Every system administrator out there has a horror story about wrecking (to a greater or lesser degree) a system through careless use of the root shell. We've done it, too. Second, you must be very responsible about what you do. You can read anything, see anything, watch anything, and change anything. You can, therefore, easily infringe upon the privacy of your users. Don't.

To become root:

1.

su

Enter su to become root.

2.

*******

Enter the root password when prompted. Note that, after you succeed, you'll see a different prompt (#). This is your confirmation that you succeeded and are now root(Code Listing 16.3).

3.

exit

Use exit or to exit the root shell and become yourself again.

Code Listing 16.3. Becoming root is remarkably easy.

jdoe /home/jdoe $ su Password: [root@sulley jdoe]# exit jdoe /home/jdoe $ su - Password: [root@sulley root]# 

Tips

  • As with using su to become yourself (or another user), you can use su to ensure that all of the root environment variables are set correctly. If you just use su without the hyphen, environment variables and the like will not be set for you, only the root identity. Which is more appropriate depends completely on your situation. If you get unexpected error messages (file not found, for example) with one approach, try the other.

  • If you're connecting to a system with telnet (as opposed to ssh), do not become root. The root password could be "sniffed" by malicious users, and if a hacker gains your root password, you're potentially in big trouble. Your best choice is just to use ssh or to use sudo if ssh is simply impossible.

  • Usually, you'll have to log in to a system as you, and then become root. It's a rare system that will allow you to log directly in remotely as root. Again, this is a security measure to help minimize the possibility of break-ins. Even if someone gets the root password on a system, they can't act as root if they can't also log in as a normal user.

  • There are no real secrets on a Unix system. If you have something that must be a secret, you must encrypt it, or the root user (as well as other users) could know it.





Unix(c) Visual Quickstart Guide
UNIX, Third Edition
ISBN: 0321442458
EAN: 2147483647
Year: 2006
Pages: 251

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net