Login and Security Manager
June 02, 2013 —
BarryK
Was it yesterday that I posted that Woof has reached another "plateau" for awhile? Heh heh.
For awhile now, Puppy has had a Login Manager, in the System menu, but it doesn't do much. I have greatly enhanced it and renamed to Login & Security Manager.
Kirk and jamesbond pioneered running Internet applications as user 'spot' for FatDog, even though you yourself are logged in as the administrator (root). This provides extra security while surfing the web, while at the same time allowing you the convenience of unfettered usage of your local system.
I decided to take a fresh look at this, and have got SeaMonkey running very nicely as 'spot'. SM is the only Internet app so far with this new feature.
I have added the choice in the 3builddistro script in Woof, to default to SM running as root or spot.
There is a new Login & Security Manager that allows flipping SM between root or spot. Snapshot:
Of course, we do have 'fido', which can be chosen when the save-file is created. This will then mean that everything will run as fido, not root. However, this mode is still not fully debugged.
There is a new script in Woof, support/setup-spot, that gets copied to /usr/sbin in the Puppy build.
Woof commits:
http://bkhome.org/fossil/woof2.cgi/info/bd484a7933
http://bkhome.org/fossil/woof2.cgi/info/9ed8d37764
Comments
root v. user(s)Username: Sage
Guaranteed to confuse the natives. One guess why incomers like Puppy so much and have kept it so high in DW PHR all these years?! If it ain't broke, don't fix it. Security is an illusion. Got to stay one jump ahead of the cyber criminals. Barriers are an inducement to jump over. Your best students are the ones who benefit so much from your excellent teaching that they end up doing better than you. [i]ipso facto[/i] gotta think ahead [b]all[/b] the time!
"as root"
Username: BarryK
"Hmmm, it was after midnight when I was putting the final touches to the Login & Security Manager. Looking at that snapshot over breakfast this morning, I think the disclaimer needs to be toned down a bit. Just taking out the "as root" should do it -- otherwise, it reads like the user is taking some kind of risk running as root, which is not the message we want to convey. Maybe even a help button that goes to that very long Forum thread that discusses the pros and cons of root, would be helpful. Is there a Forum thread that discusses the advantages of spot?
Login and Security Manager improved
Username: BarryK
"I have improved the Login and Security Manager GUI and re-uploaded the snapshot -- you might need to refresh this page. I have created two new help pages in Puppy, accessed by those Help buttons. I have also uploaded those help pages to puppylinux.com: [b]About root, spot and fido[/b] http://puppylinux.com/technical/root.htm ...makes a pretty good argument for using spot, hey? [b]Puppy Linux Legal statements[/b] http://puppylinux.com/legal.htm Woof commit: http://bkhome.org/fossil/woof2.cgi/info/03e38f43a1
Root vs spot
Username: jamesbond
"That's a good write-up. I was a little late to mention this information, but for whatever it is worth, it is here: http://distro.ibiblio.org/fatdog/web/faqs/login.html - it's the same idea as what's written in your document. It's a little long - but TL;DR is: === when you run network programs as 'spot' (which has very few rights), if those programs are broken and somebody gets hold of your machine remotely, the only thing they can clobber is spot's stuff (home directory, etc), they can't get elsewhere. Of course, for this to work, the key is to make sure that 'spot' cannot too much. === In Fatdog, the run-as-spot has been consolidated as a script. No need to change permissions on /root folders etc. If you are interested I have posted the script here: http://murga-linux.com/puppy/viewtopic.php?p=706618#706618. cheers!
Spot less
Username: ted dog
"Please review spot in FatDog64 and please move it out from under root folder, also, make it clear that files will corrupt while downloading if spot (AKA like FatDog64) permissions are changed with a automated daemon. I do not care for the issues this method of protecting me from myself causes. However do look at FatDog64 sandbox methods as a way to run spot and root at the same time.
Ahem
Username: Sage
""if those programs are broken and somebody gets hold of your machine remotely, the only thing they can clobber is spot's stuff (home directory, etc)" If I were running as spot, which I'd never do willingly with Puppies, the [i]only[/i] thing I wouldn't want clobbered would be my home directory. Everything else is common and can be reinstalled. The entire edifice is unnecessary with a compact distro. Paranoids have the option of running from liveCD, or USB key/SDcard with the switch down. Career criminals will be way ahead of the game because the mob pays most. If they screw up, it's curtains. Apart from which, despite the misdirection about government agencies having legitimate access to cyber data, I never heard (one doesn't anyway) that the US and UK/EU agencies switched off Carnivore and Echelon (or their successors). Nor, for that matter, that the M$ server farm in Hanford. striving to 'provide a better software experience' for it's patrons, stopped saving everything ever transmitted (and a lot that isn't) for users of their appalling $$$-generating cr*p. So let's have a rational discussion about what our greedy snooping society is [i]really[/i] like rather what we'd like it to be. 'They' already know who you are and where you live and probably what you've got (haven't got?!) in your bank. Spot & Fido begone.
re why root
Username: BarryK
"jamesbond, Thanks for that link, is explains root and spot very nicely, better laid out than mine I think, with the Q&A format and nice colours. I have added a link to it in my page: http://puppylinux.com/technical/root.htm
passwords
Username: L 18 L
"For me the most interesting in fatdog/faq was: gtksu ask for root password, not user's password
Login&Security Manager rewritten
Username: BarryK
"I have substantially rewritten 'loginmanager' and 'setup-spot', to generalise the handling of apps to be run as spot. This was inspired by 'run-as-spot' written by jamesbond, which I have put into Woof, /usr/sbin/run-as-spot, with tiny changes. I rewrote loginmanager and setup-spot to handle any number off apps that we would want to run as spot, with the ability to revert to root. Woof commits, latest first: http://bkhome.org/fossil/woof2.cgi/info/e6302b7af7 http://bkhome.org/fossil/woof2.cgi/info/61fef2c12d
Tags: woof