Snakebytes (long -- and poisonous?).

John Chambers jc at minya.UUCP
Sun Apr 14 01:32:24 AEST 1991 

> One of the things that makes difficult for the "novice" user as compared
> with MS-DOS is the need to administer the system---if nothing else, to
> set up accounts and passwords, start and stop the system.  

Hey, don't look now, but a lot of  those  novices  have  discovered  a
simple  way  to  solve this particular problem.  I'm talking of course
about just logging in as root and not bothering with all that security
junk.

You  wouldn't  believe  how  many users of Unix-based workstations who
view typing "root" at the login prompt and the default  root  password
at  the  Password:   prompt  as  part of the ritual of rebooting their
system.  They learned the hard way when they  installed  their  system
that  "As  a user, nothing works; as root, everything works."  So they
always run as root.

As for security, well, if that were a concernin the Real  World,  then
nobody  would  be  buying DOS system, now would they?   Running a Unix
workstation as root is no worse than running DOS in its  normal  form,
so  what's the big deal?  Sure, all those experienced hackers like the
security system, because they understand how to use it.  But the  rest
of  the  world  has a job to do.  They've wasted enough time trying to
decipher the nonsensical messages they get when they log in  as  other
than  root.   They  don't  have  the time or the patience to solve the
system's problems.  When someone gets around to building a Unix system
that  works  as  non-root,  they'll  use it, meanwhile they do what it
takes to get rid of all those incomprehensible security hassles.

Please don't bother flaming me for being such an idiot. I know as well
as you do what's wrong with the above comments. (And when I typed "su"
here an hour or so ago,  it  took  me  three  tries  to  remember  the
password; it's been months... ;-)  I'm just pointing out how badly the
Unix vendors have blown it, and how easy it is for a novice  user  who
has  no  intention of becoming a security expert to cut though all the
permission problems and get on with their jobs.

-- 
All opinions Copyright (c) 1991 by John Chambers.  Inquire for licensing at:
Home: 1-617-484-6393 
Work: 1-508-486-5475
Uucp: ...!{bu.edu,harvard.edu,ima.com,eddie.mit.edu,ora.com}!minya!jc

More information about the Comp.unix.admin mailing list