Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.3: Make Palm HotSync work in Panther' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.3: Make Palm HotSync work in Panther
Authored by: Eravau on Nov 03, '03 12:25:22PM
Before OS X every Mac user had the equivalent of root access to their computers. And yet somehow...their computers didn't explode on a dialy basis. Why are some of you so paranoidly frightened of root?

No, you probably don't need to be logged in as root very often, but saying "You should never log on as root." as if it's the end of the world is just plain silly.

[ Reply to This | # ]

10.3: Make Palm HotSync work in Panther
Authored by: babbage on Nov 03, '03 02:19:41PM

Sorry, no, foobar is right -- the burden of proof is on those who would advocate using the root account to justify why this makes any sense -- EVER.

Comparing OSX to OS9 is a straw man. OSX is not OS9. It is not a classical Mac system. It is BSD, it inherits from a 30 year old Unix heritage, and it inherits a clean, well designed bundle of security mechanisms, one of which is that non-priviliged users are deliberately prohibited from doing certain things.

Working as the root user COMPLETELY CIRCUMVENTS 30 YEARS OF ACCUMULATED WISDOM FOR HOW BEST TO WORK ON A UNIX SYSTEM. There MAY, under SOME extreme circumstances, be a good justification for doing this, but honestly such situations are best left to sysadmins and the tech staff at your local repair shop. For everything else, the sudo command is almost ALWAYS a better alternative.

There's a good reason why your car has a sturdy metal casing around the engine, with a firewall between the engine and the passenger compartment and a hood & fenders encasing the rest of the engine chamber. Sometimes it makes sense to reach in there and work on something: popping the hood, doing the repair, and then closing it again is roughly equivalent to using sudo access. On the other hand, working as root is more like dismantling that firewall and throwing the hood away, because you're so 'leet and you want to be able to reach into the engine at any time, because hey it wasn't much harder to get into the Model T's engine, so why should it be "protected" today. This is a really silly point of view, and a terrible habit to get into.

I really, really, really wish this site would stop publishing hints that advocated doing things as root. It's very irresponsible.

---
--
DO NOT LEAVE IT IS NOT REAL



[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: robg on Nov 03, '03 03:06:37PM
I am a firm believer in the tennant that everyone is a master of their own machine. If a certain fix seems to work when logging in as root, then I'm going to publish it. Notice that I did not explain how to login as root, how to enable the root password, or any of that other stuff. If one has figured that out for themselves already (yes, it's all documented here), then they're perfectly capable of deciding whether they want to risk a root login to fix their problem or not.

Logging in as root isn't good. And with apps like Pseudo, it may not even be required. But my job here is to try to document ways of doing stuff in OS X, and this particular example denotes a solution that requires logging in as root. So I chose to publish it, and I think I will always make such decisions. Maybe I'll just start adding an obligatory root tag line: "Logging in as root can be dangerous and many people claim it's never necessary. Procced at your own risk, assuming you've already figured out how to enable root."

-rob.

[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: foobar104 on Nov 04, '03 10:00:33AM
If a certain fix seems to work when logging in as root, then I'm going to publish it.

That's not the greatest selection criteria in the world, I think. The question ought to be not whether a given root-related hint works or not. It should be whether it's necessary or not. Because as soon as you tell somebody to enable the root account on his computer, you're giving him the gun and the bullets. When you tell him to log in as root, you're pointing the gun at his foot and putting his finger on the trigger. One wrong twitch and it's all over.

Hints involving logging in as the root user should, in my unsolicited opinion, only be published when there is no other option. And I, personally, have never encountered a situation where there was no other option but to log in as root. Especially in this case; I installed Panther, then Palm Desktop (from the Palm website; whichever version is currently available), then the Palm iSync conduit, and had absolutely no problems. It works perfectly. So it's obvious that root access is not required.

[ Reply to This | # ]

10.3: Make Palm HotSync work in Panther
Authored by: danelgran on Nov 04, '03 12:04:53PM

Hey!

Its my Mac!!! If I want to log in as root....thats MY problem. If I break my Mac, its my fault. Nobody's twisting my arm to actually use the hint.

Bottom line -- I'd rather know about the hint than not....its up to me if Im gonna use it.





[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: huzzam on Nov 06, '03 06:13:18PM
Hints involving logging in as the root user should, in my unsolicited opinion, only be published when there is no other option. And I, personally, have never encountered a situation where there was no other option but to log in as root. Especially in this case; I installed Panther, then Palm Desktop (from the Palm website; whichever version is currently available), then the Palm iSync conduit, and had absolutely no problems. It works perfectly. So it's obvious that root access is not required.

For you. I installed Panther (clean install), downloaded the Palm installer, and it won't install, complaining that "access was denied" (how War Games!). Sounds a lot like a permissions problem to me. Just because you didn't have a problem doesn't mean that no one is having it. And probably until Palm fixes their installer, the only way I'll be able to install is by installing as root.

Besides, there's no security difference between logging in as root to install something, and typing in your administrator password when an installer asks for it. Both mechanisms grant the installer root-level access. Do you never type your administrator password?



[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: babbage on Nov 04, '03 12:28:21PM
I am a firm believer in the tennant that everyone is a master of their own machine.

Sure, I'm not arguing against that. But just because it's possible to turn off the safety net that a disabled root account gives you doesn't mean it's wise to do so, even if you're a very competent admin of your own machine. The account is disabled as a safety mechanism -- protecting you from yourself, protecting you from malicious intruders, and protecting the world from misconfigured systems. Sometimes, things you want to do require escalated priviliges, but circumventing the protections on root is not the responsible way to acquire those priviliges. Think of the root account like a lockbox or safe -- the box and its contents are yours, but that doesn't mean it makes sense to leave it open all the time.

If a certain fix seems to work when logging in as root, then I'm going to publish it.

And that is what seems irresponsible to me. In every case I've read where a tip on this site tells the user to log in as root, it's almost always safer, easier, and even faster to do the same thing with sudo or Pseudo.

I'm not saying not to publish the hints -- they're a great resource! But I am saying that, as a responsible editor, the responsible thing to do would be to edit them. If the hint submitter suggests using root without justifying it, consider having the submitter rewrite the hint using sudo or Pseudo. If the submitter can't or won't make the change, consider doing it yourself. But please, please please don't run sloppy advice like this -- it dilutes the quality of the site for those who have been burned by such advice in the past.

Notice that I did not explain how to login as root, how to enable the root password, or any of that other stuff. If one has figured that out for themselves already (yes, it's all documented here), then they're perfectly capable of deciding whether they want to risk a root login to fix their problem or not.

This is where I disagree most strenuously. Advice about how to enable the root account gets passed around so much out of what seems to be nothing more than ignorance about better, safer ways to do things. Just because someone figured out how to turn on root does not mean they know what they're doing -- chances aren't bad that they're just cargo culting a bad habit they picked up from some HOWTO site that also didn't know any better.

I know how to pop my car's hood. I do not know how to change the transmission. That doesn't mean that I couldn't learn, or that I might not have a good reason to have to try it some day, but just because I might, someday need to be able to rebuild my transmission does not mean that it makes any sense for me to leave the hood off all the time just in case I feel like poking around at some future date.

For that matter, it seems like skilled mechanics also leave their cars' hoods closed most of the time. Curious, eh?

Logging in as root isn't good. And with apps like Pseudo, it may not even be required. But my job here is to try to document ways of doing stuff in OS X, and this particular example denotes a solution that requires logging in as root.

But that's the thing -- did the essential quality of this hint depend on the user turning off the safety check of the disabled root account, or was there some safer way to do this? Clearly, there were other, better, ways to do it. Running bad advice can be almost as bad as running no advice at all.

Maybe I'll just start adding an obligatory root tag line: "Logging in as root can be dangerous and many people claim it's never necessary. Procced at your own risk, assuming you've already figured out how to enable root."

That would be a fair start, but as I say above, an even better approach would be to actively discourage hint submitters from advocating such behavior. Like I say, almost every hint I've seen that suggested using root could easily be rewritten in such a way that the same task can be accomplished without putting the user's system security at such risk.

Like I said in my earlier post, the burden of proof should be on anyone advocating such unrestricted use of the root account. Such legit uses may exist, but I can't think of any, and I've been a sysadmin for a while now. With such easy & safe options as sudo and Pseudo, I have a hard time seeing why people keep advocating the much riskier, much more archaic alternative of an unrestricted root account.

----

My I wrote a lot, didn't I? Well I hope this comes across as constructive, and not just pedantic -- I really do think that the site would be a stronger resource if this kind of irresponsible advice didn't keep getting casually tossed around, and I hope you see how easy it could be to clean up the situation a bit. Please consider it -- thanks.

---
--
DO NOT LEAVE IT IS NOT REAL


[ Reply to This | # ]

10.3: Make Palm HotSync work in Panther
Authored by: robg on Nov 04, '03 08:21:39PM

Constructive tone noted and understood (and after three years, I've learned to take nothing personally! :-). Given the realities of time management and hint submissions, getting authors to re-write their submissions, and explaining why, is simply not feasible. Similarly, I dislike changing what others have written (beyond correcting grammar, spelling, and formatting), so I'm not inclined to change it myself.

However, I agree in principle with your some of your statements on root, so I will do my best to remember to add a root disclaimer whenever such a hint is published (they are few and far between -- if I'm remembering correctly, there might be 10 or 20 in the database overall). Perhaps I'll even make it a hint in and of itself, and then I'll just link it in the disclaimer: "See this hint for a way of doing this without physically logging in as root" or somesuch.

-rob.



[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: daggerquill on Nov 04, '03 10:27:22AM

This is a myth, and a limiting and potentially dangerous one at that. There are no inherent problems with logging in as root in terms of system stability or security. The practice of not logging in as root developed as a way to protect systems with multiple administrators: the dangers are that someone will forget that they are logged in as root and accidentally do some damage, or that in an environment where the system is being constantly customized and extended that some program run from root will have unexpected consequences--probably due to a bad relative path--and hose the system. root functionality, however, is vital to system administration. And I don't mean just giving programs an administrator password to install software, I mean really going in once in a while and poking around to make sure everything looks right. On traditional UNIX systems, sudo and su provide this functionality for administrators, but permissions in Aqua don't work in traditional ways, so for a normal user to effectively administer and secure his/her system, he/she needs to occasionally log in as root. And if it is a simple way to handle or avoid permissions issues, why not? It's really no different that using sudo to launch a graphical installer in other Unices, expcept that OS X doesn't really allow users to run programs as other users effectively in the Finder.

As long as useres understand that they shouldn't be using it as a normal account to check mail, read macosxhints, etc., it is a useful and necessary tool. Would I prefer that there be other other ways of doing things? Sure, and PSuedo may be part of that way, but only part. Until Apple truly incorporates that functionality as part of the system itself, people are going to need to use the root account if the are unwilling or unable to learn the cli. OS X isn't UNIX. It's not BSD; it's BSD-based, and some of the old truisms just don't apply.

---
Always remember: pillage *before* you burn



[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: foobar104 on Nov 04, '03 03:05:52PM

I consider myself to be a knowledgeable UNIX system administrator. I've been doing it for over a decade now, and I've seen a lot of things. I can find my way around in the dark, as it were.

I never, ever, EVER log in as root. Why? Because one time, just one time, I screwed myself.

I had a tar file in my home directory. I un-tarred it only to find that the resulting directory and all the files in it were owned by somebody else. No problem, I thought to myself. I'll just change the ownership on the directory.

I changed directories into the directory in question:

% cd foo

I became the superuser.

% su
Password:

I recursively changed ownership of the directory.

# chown -R me.mygroup .

At least, that's what I meant to do. Have you ever noticed that the dot and the slash are right next to each other on the QWERTY keyboard? That's right, kiddies, I typed, as root, the following magical incantation:

# chown -R me.mygroup /

The computer dutifully obeyed--I was root, after all, so it was assumed that I knew what I was doing. It started at the top of the filesystem and began changing the ownership of all the files on the computer. One by one. In alphabetical order, depth first.

It had already made it all the way through /bin by the time I slammed the interrupt key.

That was the day I learned that the computer I was using couldn't boot, not even into single-user mode, if the Bourne shell executive wasn't owned by root. Because /bin/sh was owned by me, not by root, I couldn't do ANYTHING. I couldn't even run any shell commands because the computer was unable to fork due to the permissions problem.

The only solution was to reinstall my OS.

All because of a typo.

Tell me again how, "There are no inherent problems with logging in as root in terms of system stability or security."



[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: huzzam on Nov 06, '03 06:40:38PM

The exact same thing would have happened if you had typed:

$ sudo chown -R me.mygroup /

which is what the "anti-root faction" ;) is advocating. The fact is that you wanted to change the ownership of a directory tree owned by root. The only way to do that is by somehow getting root-level access, whether through logging in as root, su'ing to root, or using sudo. They all carry exactly the same risk.



[ Reply to This | # ]
10.3: Make Palm HotSync work in Panther
Authored by: JayBee on Nov 07, '03 11:29:01PM

True-ish, but there's always the handy "please enter your password" breaker to let you think and go "uh-oh" ;)



[ Reply to This | # ]
10.3: Using Root to make Palm HotSync work in Panther
Authored by: gdouglas on Nov 04, '03 07:29:23PM

Personally I have never had to log in as root. Of course, I haven't upgraded to Panther yet either, and I am holding off until other good folks have blazed a path for me that is completely "root free".

However it is interesting to me that Apple specifically refers to logging in as root to manually back up all users in their article at
http://docs.info.apple.com/article.html?artnum=106941

Also Apple recently posted this article on enabling root in Panther and, per the article, has included those instructions in the Panther help file:
http://docs.info.apple.com/article.html?artnum=125136

I would love to know what Apple thinks of using root to force installations.

Although I am resisting it, I guess eventually all us Mac-using people are all going to wind up knowing our way around Unix. And we will probably learn to tiptoe very carefully over any "roots" in our path.

---
G. Douglas



[ Reply to This | # ]