- Advance Praise for Absolute OpenBSD, 2nd Edition
- Dedication
- About the Author
- About the Technical Reviewer
- Foreword
- Acknowledgments
- Introduction
- 1. Getting Additional Help
- 2. Installation Preparations
- 3. Installation Walk-Through
- 4. Post-Install Setup
- 5. The Boot Process
- 6. User Management
- 7. Root, and How to Avoid It
- The Root Password
- Using Groups
- Hiding Root with sudo
- Using sudo
- sudoedit
- The Biggest sudo Mistake: Exclusions
- sudo Logs
- 8. Disks and Filesystems
- Device Nodes
- DUIDs and /etc/fstab
- MBR Partitions and fdisk(8)
- Labeling Disks
- The Fast File System
- What’s Currently Mounted?
- Mounting and Unmounting Partitions
- How Full Is That Partition?
- Adding New Hard Disks
- 9. More Filesystems
- 10. Securing Your System
- 11. Overview of TCP/IP
- 12. Connecting to the Network
- 13. Software Management
- 14. Everything /etc
- /etc Across Unix Variants
- The /etc Files
- /etc/adduser.conf
- /etc/amd
- /etc/authpf
- /etc/bgpd.conf
- /etc/boot.conf
- /etc/changelist
- /etc/chio.conf
- /etc/csh.*
- /etc/daily and /etc/daily.local
- /etc/dhclient.conf
- /etc/dhcpd.conf
- /etc/disklabels/
- /etc/disktab
- /etc/dumpdates
- /etc/dvmrpd.conf
- /etc/exports
- /etc/fbtab
- /etc/firmware
- /etc/fonts/
- /etc/fstab
- /etc/ftpchroot
- /etc/ftpusers
- /etc/gettytab
- /etc/group
- /etc/hostapd.conf
- /etc/hostname.*
- /etc/hosts
- /etc/hosts.equiv
- /etc/hosts.lpd
- /etc/hotplug/
- /etc/ifstated.conf
- /etc/iked/, /etc/iked.conf, /etc/ipsec.conf, and /etc/isakmpd
- /etc/inetd.conf
- /etc/kbdtype
- /etc/kerberosV/
- /etc/ksh.kshrc
- /etc/ldap/ and /etc/ldapd.conf
- /etc/localtime
- /etc/locate.rc
- /etc/login.conf
- /etc/lynx.cfg
- /etc/magic
- /etc/mail/
- /etc/mail.rc
- /etc/mailer.conf
- /etc/man.conf
- /etc/master.passwd, /etc/passwd, /etc/spwd.db, and /etc/pwd.db
- /etc/mixerctl.conf
- /etc/mk.conf
- /etc/moduli
- /etc/monthly and /etc/monthly.local
- /etc/motd
- /etc/mrouted.conf
- /etc/mtree/
- /etc/mygate
- /etc/myname
- /etc/netstart
- /etc/networks
- /etc/newsyslog.conf
- /etc/nginx/
- /etc/nsd.conf
- /etc/ntpd.conf
- /etc/ospf6d.conf and /etc/ospfd.conf
- /etc/pf.conf and /etc/pf.os
- /etc/ppp/
- /etc/printcap
- /etc/protocols
- /etc/rbootd.conf
- /etc/rc.*
- /etc/relayd.conf
- /etc/remote
- /etc/resolv.conf and /etc/resolv.conf.tail
- /etc/ripd.conf
- /etc/rmt
- /etc/rpc
- /etc/sasyncd.conf
- /etc/sensorsd.conf
- /etc/services
- /etc/shells
- /etc/skel/
- /etc/sliphome/
- /etc/snmpd.conf
- /etc/ssh/
- /etc/ssl/
- /etc/sudoers
- /etc/sysctl.conf
- /etc/syslog.conf
- /etc/systrace/
- /etc/termcap
- /etc/ttys
- /etc/weekly and /etc/weekly.local
- /etc/wsconsctl.conf
- /etc/X11
- /etc/ypldap.conf
- 15. System Maintenance
- 16. Network Servers
- 17. Desktop OpenBSD
- 18. Kernel Configuration
- 19. Building Custom Kernels
- 20. Upgrading
- 21. Packet Filtering
- 22. Advanced PF
- 23. Customizing OpenBSD
- A. Afterword
- Index
- About the Author
- Copyright
The Root Account
In recent years, there has been a trend toward using the privileged root account for everyday tasks on systems that have only a single user.[13] Using a privileged account to read your email and browse the Web increases your risks from both user errors and malicious attacks. While a careless keystroke by a regular user will generate only a permission denied error, that same keystroke by root might render your system unusable and destroy all your data. Even if you’re the only person using your OpenBSD system, you must use an unprivileged user account for day-to-day tasks.
If an intruder compromises an unprivileged account, the potential damage is limited only by that user’s permissions. If the compromised account handles your email and web bookmarks, you might suffer only personal embarrassment. But if that account handles system administration tasks, your intruder can inflict unlimited system damage and send you scurrying for your backup. Using a regular account for day-to-day tasks means that you can take extra steps to restrict the root account.
Perform all tasks with the minimum level of privilege necessary. If you don’t need root access to perform a task, don’t use it! For example, OpenBSD’s web server runs as the specific user www, rather than as root. If an intruder breaks into your web server and gains access your system as the www user, he can damage only the files the www user has permission to write to. Likewise, if the web server software goes into an error state and starts deleting files at random, this same principle limits the files it can delete. The least privilege approach protects the system from both intruders and its own software.
Operating systems that give every user privileged access have more problems as a result. Virus effectiveness, unexpected misconfiguration, and even crashes can be traced back to unnecessary privileged access. OpenBSD might be the most secure operating system in the world, but all those fancy security features can’t protect you from poor system administration practices.
Using the root account for routine tasks also creates bad habits. People under pressure perform what they practice. If you use root on your desktop for routine work, you’ll need to fight your habits to perform routine tasks when you work on a production server. This sort of sloppiness inevitably breeds security problems. Even on my OpenBSD desktop, where I’m the only user, I do everything as a regular user specifically to develop and maintain good sysadmin habits.
-
No Comment