Single-User Systems
Even if you are the only person using your OpenBSD system, you still need to create a user account for day-to-day use instead of using the root account. Read your email, surf the Web, and develop your software with your regular account, not with root. Using root for casual tasks increases your risks from user error and security issues. A careless keystroke by root can render an entire system unusable, while that same careless keystroke by a regular user will only generate a "permission denied" error.
If an intruder compromises an account, he can only inflict damage allowed by that user's permissions. If the compromised account handles your email and your web bookmarks, you may suffer some personal embarrassment. If that account is root, the intruder can inflict unlimited damage and you will need the install media and backup tapes. Using a regular account for day-to-day tasks means that you can take extra steps to lock down the root account. If you plan properly you can even entirely eliminate the need to become root and add another layer of security to your system.
In short, each operation should be performed with the minimum level of permission necessary. If you don't need root access to perform a task, don't use it! This is why OpenBSD's web server runs as a separate user, rather than root; not only does it protect the system from intruders, it protects the system from program errors.
Operating systems that treat every user as the equivalent of root have more problems as a result: the effectiveness of viruses, unexpected misconfigurations, and even most crashes can be traced back to this behavior. OpenBSD might be the most secure operating system in the world, but all those fancy security features cannot protect you from poor sysadmin practices.
Using root for routine tasks also creates bad habits. Under pressure, people do things the way they're used to. If you habitually use root on your desktop for routine work, when the time comes you need to work on a production system you'll have to fight with yourself to perform routine tasks properly. This sort of sloppiness is one of the biggest causes of security breaches. Even on my OpenBSD desktop, where I'm the only person who will ever use it, I do everything as a regular user specifically to develop and maintain good sysadmin habits.
Keeping all this in mind, it should be clear why you should use a regular account for day-to-day work.
No comments:
Post a Comment