Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Single User Security
Single User Security
I am looking for a FAQ or general user guide to setting up a Linux system for a *single* user, with secuity only kept at that level instead of its default multisuer/wan defaults. Freedom is inversely proportional to security, and its important, especially if the wife is to use this machine, that there be no or little additional hindrances to doing simple routines, or anything blocking our access to our hardware.
Please understand that I am utterly unconcerned about the dangers of typo mistakes in destroying the system. I use file managers for copy/delete/move operations and *never* any drag/drop stuff. In 25+ years of Win/Linux there has never been such an error here.
Behind two hardware firewalls, no email client, and browsers armored to the teeth - I feel that there is minimum risk in attack vectors. Especially when I am normally behind a VPN, and IPV6 is disabled.
I dont mind running in a user account, but would prefer WAN media apps to run in a third *sandbxed* account. Might even consider a VM for this purpose. Right now, I am restoring a development system with over 25K packages on SID and enough has broke so that it will not boot to a user account. Root works fine, brings up Mate, and everything seems to work OK. User accounts are not a real issue, but i would just as soon be rid of SeLinux, Polkit, AppArmor and anything that prevents anyone at the keyboard from having full, absolute control of the system.
Of course I am aware that what I am doing is completely opposite standard 'best practices' - and I would even myself necver recommend such a minimal securty setup to anyone with even a wireless laptop, much less a home system that has open ports for such things as remote desktop. Here sshd is disabled. Routers forbidden to port-forward. Numerous oother steps taken that dont come to mind.
Just wondering if anyone elese has taken this approach, who is a bit more knowledgeable about networking - and what other suggestions that they may have in mind.
Right now the the overamping on security is killing freedom in the personal user milieu.
I really dont care if a hacker breaks into this system. They would be bored to tears. I keep no personal information here that I would really mind was 'shared' with the net. And with over two million files and no indexing, any search would be noticed and killed instantly.
Please understand that I am utterly unconcerned about the dangers of typo mistakes in destroying the system. I use file managers for copy/delete/move operations and *never* any drag/drop stuff. In 25+ years of Win/Linux there has never been such an error here.
Behind two hardware firewalls, no email client, and browsers armored to the teeth - I feel that there is minimum risk in attack vectors. Especially when I am normally behind a VPN, and IPV6 is disabled.
I dont mind running in a user account, but would prefer WAN media apps to run in a third *sandbxed* account. Might even consider a VM for this purpose. Right now, I am restoring a development system with over 25K packages on SID and enough has broke so that it will not boot to a user account. Root works fine, brings up Mate, and everything seems to work OK. User accounts are not a real issue, but i would just as soon be rid of SeLinux, Polkit, AppArmor and anything that prevents anyone at the keyboard from having full, absolute control of the system.
Of course I am aware that what I am doing is completely opposite standard 'best practices' - and I would even myself necver recommend such a minimal securty setup to anyone with even a wireless laptop, much less a home system that has open ports for such things as remote desktop. Here sshd is disabled. Routers forbidden to port-forward. Numerous oother steps taken that dont come to mind.
Just wondering if anyone elese has taken this approach, who is a bit more knowledgeable about networking - and what other suggestions that they may have in mind.
Right now the the overamping on security is killing freedom in the personal user milieu.
I really dont care if a hacker breaks into this system. They would be bored to tears. I keep no personal information here that I would really mind was 'shared' with the net. And with over two million files and no indexing, any search would be noticed and killed instantly.
Re: Single User Security
Tried Docker yet? Also I think you could be paranoid about certain things. You could do more just setting Xorg not to use SUIDs. I've done it and noticed no real disturbance:millpond wrote:[...] but i would just as soon be rid of SeLinux, Polkit, AppArmor and anything that prevents anyone at the keyboard from having full, absolute control of the system.
https://lists.x.org/archives/xorg-annou ... 02927.html
Re: Single User Security
I don't see the threat? What are you worried about? You say you have two hardware firewalls, maybe get another one just to be sure?
Really, I think it will depend on what you're trying to guard against? Personally I wouldn't do anything financial on the net, but I'm an old guy and stuck in the mud like that. There is a "securing Debian" guide easily found with a search. I did some reading way back, but FWICT if your incoming router blocks everything anyway, except standard ports like browser and email or whatnot, there's not much point in being too paranoid. Now the VPN stuff or anything else you have installed I can't vouch for, who knows? I never use them, or TOR because I just don;t have the knowledge, and configuring things like that incorrectly seems very easy to do, with a lot of potential to leave a gaping security hole.
Really, I think it will depend on what you're trying to guard against? Personally I wouldn't do anything financial on the net, but I'm an old guy and stuck in the mud like that. There is a "securing Debian" guide easily found with a search. I did some reading way back, but FWICT if your incoming router blocks everything anyway, except standard ports like browser and email or whatnot, there's not much point in being too paranoid. Now the VPN stuff or anything else you have installed I can't vouch for, who knows? I never use them, or TOR because I just don;t have the knowledge, and configuring things like that incorrectly seems very easy to do, with a lot of potential to leave a gaping security hole.
okay I can't get with that idea. I'm sure the wife is smart, but I would not let anybody have that kind of access to my computer, and I need auth stuff to keep me from making mistakes. Get her a separate system for herself maybe?...
would just as soon be rid of SeLinux, Polkit, AppArmor and anything that prevents anyone at the keyboard from having full, absolute control of the system.
...
resigned by AI ChatGPT
-
- Posts: 1454
- Joined: 2015-08-30 20:14
Re: Single User Security
^Yea, it's confusing. He wants to run everything without needing to type passwords. That's what I get, too.
Anyway, for single-use stuff we have sudo. Basically, you create a user, give him permission to admin the system, add the password and you're set. It's what Ubuntu is doing to simplify administration. Debian defaults to two accounts:admin (root) and normal user. But you can disable root during installation simply by not setting password for it. In this case, your regular user will have admin rights via "sudo".
It simple, and you don't have to be paranoid. It's much worse doing everything "the Windows way".
Anyway, for single-use stuff we have sudo. Basically, you create a user, give him permission to admin the system, add the password and you're set. It's what Ubuntu is doing to simplify administration. Debian defaults to two accounts:admin (root) and normal user. But you can disable root during installation simply by not setting password for it. In this case, your regular user will have admin rights via "sudo".
It simple, and you don't have to be paranoid. It's much worse doing everything "the Windows way".
Re: Single User Security
I fail to see the problem you have described as "lack of freedom"
what exactly you think you can't do?
if bw123 is right and all you want is to run everything as root, then i'd say just do it, and else do security the way it is usually done.
what exactly you think you can't do?
if bw123 is right and all you want is to run everything as root, then i'd say just do it, and else do security the way it is usually done.
He doesn't necessarily needs to care for you data, but take your mashine to do nasty things from your machine/IP. Something you would rather not want.I really dont care if a hacker breaks into this system. They would be bored to tears. I keep no personal information here that I would really mind was 'shared' with the net.
I still don't see the point, as said above, but you seem to have settled on that idea already.
- Head_on_a_Stick
- Posts: 14114
- Joined: 2014-06-01 17:46
- Location: London, England
- Has thanked: 81 times
- Been thanked: 133 times
Re: Single User Security
Yes. And. No.bw123 wrote:Okay, I seem to have misunderstood, you're not asking about security. Basically you're asking, "How to run everything as root, like windows?"
The objective here is tow have two totally functioning modes: Sysadmin and Wan/Media.
Functioning as to their roles:
Absolute control for sysadmin. No sudo, no limits of any kind. I run my systems out of scripts that I am not about to rewrite because they are not secure on a multiuser system, but appropriate here. There are some WAN things I need to do as sysadmin, but they are limited in nature, and am unconcered over security issues here. Hells bells, I do not even want my software I use to tweak my websites even to be accessible to sudo.
Media/Wan I prefer to run as some type of sub-user without access to system functions. I guess for X this would require some type of sandbox/chroot/VM arrangement. Not familiar with Docker
Freedom to me is the ability to 'hack' one system within reason. I am trying to avoid other repos here, and SID has the most promise for up tp date script languages, without the need (so far) to manually install them.
I am not asking how to run as root. I am doing that. More than I want at the moment, as user accounts are for some reason broken. Hoping to fix that next week. What I am interested in is any guides for running as full sysadmin in a systemd system, which none of my older texts are aware. Debian is a moving target. And I'm a little behind.
I do not like systemd. Its one of the reasons I left linux for a while. But with it, I can do a full development system in weeks instead of months. But it looks hackable enough to disable most of its junk.
Re: Single User Security
On Jessie I booted right into the user account, and ran the system from rooted terminals. Tried that on SID but kept running into GTK issues. Because some pinhead decided that superusers shouldnt run X GUIs. Hacked some files, and now GTK is running fine.CwF wrote:It is possible to create a passwordless system and not be root. You can even do an hardware key encrypted one!
The risks of bricking a system with encryption far outweigh anything a malicious hacker can do. In an enterprise environment it may certainly be appropriate. For a home network I have the best option for data that should not be shared with the world - by disconnecting it from the net totally. As in powering its media off. 6 machines here. Only two typically ON.
One of them is Win7 that looks like a honeypot, with all security services turned off. About once a year I spend about 20 minutes kiling off a booger. I figure its less time than setting up a firewall. Point is: Real security lies at the system operator, not OS software level.
A production system must have fully amped security protocols. But I believe these should only be optional on single user systems.
Re: Single User Security
Again: what limits you speak of?No sudo, no limits of any kind.
Might well be me, but i hear a lot of big buzz words, but got no clue what the heck your real problem is.
-
- Global Moderator
- Posts: 2679
- Joined: 2018-06-20 15:16
- Location: Colorado
- Has thanked: 41 times
- Been thanked: 196 times
Re: Single User Security
That's because once I left the system up with a root Thunar open while I went for coffee. In the meantime my cat had an argument with my trackball. Why left click defaults to move I'll never know.millpond wrote:Because some pinhead decided that superusers shouldnt run X GUIs.
Some things like sound have issues as root. I see 'inxi' mentioned as differing ran as root, don't know, never used it.
I prefer to paddle downstream, with the flow. I'm a late comer, in at Jessie. So systemd and polkit is what it is. I have chosen not to argue with what I don't know. I try to only mod things in ways that will reliably persist through upgrades. If mods continually break, the message is to rethink the way you're doing things.
If permissions are getting in the way, they do, I can only imagine you have multi-step scripts which at some point reach out of or into user space/root. Without examples I have no solution. While you can't get away from a user typing sudo, you can eliminate the password. I assume you have already purged any gksu use.
file: /etc/sudoers.d/user
Code: Select all
user ALL=(ALL) NOPASSWD: /specific/command
#OR
user ALL=(ALL) NOPASSWD: ALL
With polkit you can do similar, with its inherent granularity per program.
Code: Select all
<allow_any>no</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>yes</allow_active>
is zero? This was one of the first things I wondered about. So I made a full disk encrypted image. I found I could move it from system to system. I found I could mount it in a foreign system. I found I could image to file, and back to device. I found I could loop the file image, etc. On one flaky computer I did have to address superblock errors. Overall, for me it passes muster. Modern CPU's take off the performance hit. I don't see a problem outside hardware problems. I was infering in my comment that the encryption key can be delivered via hardware, either matching the OS to a particular computer or requiring a usb key, either without passowrds, and potentially invisible to the user.millpond wrote:The risks of bricking a system with encryption...
Agreed, but this needs a qualifier. I've said forever the best AV software is a keyboard. Many believe XP is susceptible to air-borne viruses. The #1 vector has always been the user click. So software tries to guard against a wrong click, and that irritates us. Linux people are full of themselves with regards to security. Obfuscation seems to be a primary method. With 99% of users not on Linux, the safety lies in the fact that at this point, you are not a target...millpond wrote:Win7 that looks like a honeypot,... Real security lies at the system operator, not OS software level.
Re: Single User Security
There is a wide range of problems here.xepan wrote:Again: what limits you speak of?No sudo, no limits of any kind.
Might well be me, but i hear a lot of big buzz words, but got no clue what the heck your real problem is.
It is technical - scripts and aps breaking, with things like proc/statidtics fuxxover to proc/stat.
Like a system that will boot to root and NOT user. .
Its SID so I dont take it personally -but by seeing more of the future and liking less of it.
And much of it is philosophical , to be for another thread.
Re: Single User Security
I would say a system doesn't "boot to root or user",
but to a login prompt or a display-manager.
use the former, log in as root, case closed.
but to a login prompt or a display-manager.
use the former, log in as root, case closed.
Re: Single User Security
Actually, it boots to a login prompt. Not a problem.
Just checked. Its now accepting user account at VT login.
Done some updates lately.
Still no explanation as to why a superuser account is considered so taboo, except that a few apps wount run under it (many of which actually do, especially if recompiled).
I consider Linux compromised already. Bashbug, heartbleed, certainly many more. All recent CPUs are boogered.
I have my own preferred security methods that work rather well, even on a slipship OS like Win.
Just checked. Its now accepting user account at VT login.
Done some updates lately.
Still no explanation as to why a superuser account is considered so taboo, except that a few apps wount run under it (many of which actually do, especially if recompiled).
I consider Linux compromised already. Bashbug, heartbleed, certainly many more. All recent CPUs are boogered.
I have my own preferred security methods that work rather well, even on a slipship OS like Win.
Re: Single User Security
Hello
and I agree about the comprise.
Perhaps for different reasons spawned from,
ip sniffing,
hacked secured tunnels
(probably from the the tunnels destination - would that be a hack or something else altogether? -go figure)
I look forward to reading more.
Even if a bit unorthodox compared to what is normally seen in this forum,
slipshod oops slipship
and I agree about the comprise.
Perhaps for different reasons spawned from,
ip sniffing,
hacked secured tunnels
(probably from the the tunnels destination - would that be a hack or something else altogether? -go figure)
I look forward to reading more.
Even if a bit unorthodox compared to what is normally seen in this forum,
slipshod oops slipship
In memory of Ian Ashley Murdock (1973 - 2015) founder of the Debian project.
Re: Single User Security
Yes, indeed 'unorthodox'. Even a bit eccentric.
But something of value to laptop owners who may be blocked from using gui restore tools, and certainly useful for home users who have 'trusted' family members who do not know or care to know about Linux security fashions.
Gksudo, gksu seems to be missing from Sid. Not good.
NB: What I am talking about is not something that should be tried by novice users without some experience about what and how system damage may occur. But one can do just as much damage as a 'user' as 'root' in the right places.
Nor would even suggest using this method as a primary system. In our primary system Lennux (Magaiea) is in a VM. On this machine Lennux is a (near) fully loaded development system for playing around in.
Of great interest is what *real* problems can arise in a system behind 2 NATs, ssh disabled, no servers running.
Can anyone log in? Would setting hosts.deny to all:all (paranoid) break anything? I've got my rether large hosts file from Windoze hooked up for blocking now....
Does SNORT still work? Ther've been so damn many changes, that I cannot keep a bead on them, and all my notes and references are 'deprecated' as Lennux bears little similarity to the traditional Linux system.
But something of value to laptop owners who may be blocked from using gui restore tools, and certainly useful for home users who have 'trusted' family members who do not know or care to know about Linux security fashions.
Gksudo, gksu seems to be missing from Sid. Not good.
NB: What I am talking about is not something that should be tried by novice users without some experience about what and how system damage may occur. But one can do just as much damage as a 'user' as 'root' in the right places.
Nor would even suggest using this method as a primary system. In our primary system Lennux (Magaiea) is in a VM. On this machine Lennux is a (near) fully loaded development system for playing around in.
Of great interest is what *real* problems can arise in a system behind 2 NATs, ssh disabled, no servers running.
Can anyone log in? Would setting hosts.deny to all:all (paranoid) break anything? I've got my rether large hosts file from Windoze hooked up for blocking now....
Does SNORT still work? Ther've been so damn many changes, that I cannot keep a bead on them, and all my notes and references are 'deprecated' as Lennux bears little similarity to the traditional Linux system.
- Head_on_a_Stick
- Posts: 14114
- Joined: 2014-06-01 17:46
- Location: London, England
- Has thanked: 81 times
- Been thanked: 133 times
Re: Single User Security
They are now obsolete, use pkexec instead.millpond wrote:Gksudo, gksu seems to be missing from Sid
It is *very* easy to add new polkit rules for any application to run as root, perhaps do that instead of coming here and whining like a spoilt little child?
deadbang
Re: Single User Security
what would that be?millpond wrote:Y
NB: What I am talking about is not something that should be tried by novice users without some experience about what and how system damage may occur. But one can do just as much damage as a 'user' as 'root' in the right places.
and don't start with anything happening in home, that is quite different from the damage root can do.
As far the 7-proxies approach (behind two NAT's, yada-yada) is concerned: for sure web-browsing and email might be a problem, i would guess. Though i for one mainly ignore those.
Depends on what you do, i guess, and in general security is a subject you want to be as specific and narrow as possible (say: how do i secure ssh? ), the opposite of your way to ask. What your wife does really doesn't add any info to the subject, to give an example. A VPN tries to solve one problem, disabling services solves a different problem; to give another example.
Also ask in the right community. forums debian net isn't really a security channel (but don't ask there like you ask here, duh).
probably something like chrootkit, too, though that might just as well be obsolete right now, due to the never ending changes in Linux land.
Mainly a firewall though.
https://www.debian.org/doc/manuals/secu ... ian-howto/
-
The things which get added to a very complex subject by running as root are the exact reasons why one shouldn't do it, so i guess you will have to live with those extra problems.
Re: Single User Security
Who the hell is whining?Head_on_a_Stick wrote:They are now obsolete, use pkexec instead.millpond wrote:Gksudo, gksu seems to be missing from Sid
It is *very* easy to add new polkit rules for any application to run as root, perhaps do that instead of coming here and whining like a spoilt little child?
Polkit is well under control here.
The issue at hand is what are the potential problems with running as superuser on a system specifically designed to run at minimum security levels. Ans what are best pracices for THIS mode.
Thank you for pkexec.
Fisrst i've heard of it.