Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 6 Dec 1995 13:36:53 -0700 (MST)
From:      Barnacle Wes <wes@intele.net>
To:        ANDRSN@HOOVER.STANFORD.EDU (Annelise Anderson)
Cc:        questions@FreeBSD.org
Subject:   Re: Why not to login as root, etc.
Message-ID:  <199512062037.NAA15055@intele.net>
In-Reply-To: <01HYDAL9SBYQ0068QE@HOOVER.STANFORD.EDU> from "Annelise Anderson" at Dec 3, 95 11:32:42 am

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
John Goerzen asked:
% PS How do you ctl-alt-del from FreeBSD?

To which somebody replied:
] NEVER, NEVER, NEVER use ctrl-alt-del from within any OS other than DOS.  
] That includes FreeBSD.  NEVER use ctrl-alt-del from within FreeBSD.
] 
] To reboot, login as root and type:
] 
] shutdown -r now
] 
] Rebooting with ctrl-alt-del can corrupt your filesystems and cause data 
] loss.  Sorry for yelling, but this is a very important point.

Annelise queried in response:
> Yes, but if shutdown is unavailable....the system is locked up....perhaps
> ctrl-alt-del is a better option than turning off the power altogether or
> hitting the reset button.  "Back channel" communications among new users
> (new to Unix & FreeBSD) suggest that quite a few of us have depended on
> ctrl-alt-del until we figured out shutdown, and with no ill effects.  As
> someone wrote to me, "You don't even have to be logged in as root!"

This, to me, is a really good reason to disable this feature.  Do you
really want anyone who walks by to be able to reboot your machine?
I don't.  I can't keep my screensaver active for my cat walking on the
keyboard, pushing the mouse around, and stomping on the mouse buttons.
What if she could reboot the computer, too?  Uck!  Believe me, she'd 
learn how to do it!

On the other hand, if your UNIX system vendor put a C-A-Del in the
console driver, you'd at least expect it to flush the buffer cache
before bringing the system down.


> It would be interesting to have a more complete explanation of the problem
> and the options here, as well as the admonition "Don't log in as root,
> use su."  Why not?  A user id of 0 results in either case.

The root .login tells you "Don't log in as root, use su." to encourage
you to limit the amount of time you spend logged in as root.  Most
experienced X11 users probably have a menu item or icon that creates an
xterm logged in as root, or have a "workspace" (ctwm, vue, etc.) with
a root login session instead.

Doing your general work logged in as root is a bad idea, even if you're
the system administrator, because it affords you very little protection
from stupid mistakes.  If, on the other hand, you're logged in to your
normal, unprivileged account and type "rm -rf /tmp /*" instead of
"rm -rf /tmp/*" you'll only be deleting your own personal files rather
than the entire system.

Being logged in as root for everyday work is rather like riding a
motorcycle naked in a snowstorm: don't do it unless you really have to.
If you have to, limit your exposure as much as possible.  ;^)

-- 
   Wes Peters	| Yes I am a pirate, two hundred years too late
    Softweyr 	| The cannons don't thunder, there's nothing to plunder
   Consulting	| I'm an over forty victim of fate...
 wes@intele.net	|					Jimmy Buffet



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?199512062037.NAA15055>