Results 1 to 6 of 6

Thread: Ideas to avoid being root 24/7

  1. #1
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default Ideas to avoid being root 24/7

    Most of the hacking tools in Backtrack require root access.

    I'd guess that the vast majority of people who use Backtrack are people who do hacking as a hobby... people who are watching videos one minute, surfing the web the next, and then running Airodump the next.

    There's no need to have stuff like web browsers and media players run as root, but currently this is how Backtrack is set up.

    So basically I'd like to hear ideas on how to conveniently set things up so that stuff like web browsers are run as a normal user, however stuff like Airodump get root access.

    Here's the beginnings of an idea I have:

    Firstly, you log into Linux as a normal user (not as root). You start KDE as a normal user. Later you create an icon on your taskbar which opens a terminal as root. This would be handy for opening a terminal to do stuff like run Airodump.

    However the next problem would be how to deal with running GUI applications such as Ettercap from the KDE menu. I'm thinking maybe the SUID bit for file permissions might come in handy here.

    I've only spent a few minutes thinking about this so I haven't much to say at the moment, but when Backtrack 4 Final comes out I'll be installing it as my main OS, and I don't wanna be logged in as root all the time (however I do want to be able to conveniently use the hacking tools).

    Any other thoughts or ideas, throw them out there.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  2. #2
    Senior Member fnord0's Avatar
    Join Date
    Jul 2008
    Posts
    144

    Default

    FYI, backtrack 4 pre final installer (ubiquity) requires you create a user account. no more running root 24x7.
    as far as your post is concerned, you don't gotta SUID anything.... just sudo it =)
    'see the fnords!'

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    This is the whole idea behind sudo. You can set the visudo file so that your user does not require a password to make it more convenient.

  4. #4
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    I haven't got the latest Pre-Final so I can't have a look at the KDE menu items.

    In BT4 Beta though, if you go to the KDE menu, go to Wireshark, right-click and hit Edit Item, the command for Wireshark is as follows:

    Code:
    wireshark
    In the Pre-Final, has this been changed to the following?

    Code:
    sudo wireshark
    If it has not been changed, then you won't be able to use Wireshark properly (unless I'm missing something).

    When I used Xubuntu, I think they did something like "gksu -u root wireshark" in order to run Wireshark as root. When you clicked on the icon for Wireshark, the entire screen would darken and it would bring up a dialogue box for you to enter your root password. Is this how it works in the Pre-Final?
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  5. #5
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Ive been running BT4 Beta as non root pretty much since it came out, and havent had too much of an issue with this.

    When I need a root shell I just use "sudo -s" or "su", and when I need to run a GUI app with root privileges I either start it from a terminal using sudo and background it (e.g. "sudo <command> &") or I run it using alt-F2 using the different user option, or I use kdesu. Where required I have also modified a number of the KDE menu commands to "run as a different user", or to run via kedsu.

    Theres an embarrassment of options for managing the process of running BT as a non root user, and more of the tools than you might think work fine not running as root, so it shouldn't be too much of a hassle for anyone...
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  6. #6
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    18

    Default

    Is there any way to do the opposite... with Ubiquity it creates a username and I'd much rather just run as root.....

    I tri-boot windows XP (olf faithful) / Windows 7 (shits and giggles) / BT4 Beta

    the thing is when I want to do something in BT4 i boot into it and do it... such as scanning our network with nmap or playing with netcat... with such limited use is there another way to keep root 24/7 and forget about dealing with non-privaleged users?

    This is afterall an OS built for power-users doing penetration testing... it seems unneccessary to have to get into root to run apt-get..... as somone said before it isn't your everyday linux distro made to do everything, it's fairly specific

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •