[PLUG] Stupid newbie file permisions question

Wed May 18 05:23:26 UTC 2005

John Jason Jordan wrote:
> On Tue, 2005-05-17 at 21:25 -0700, Paul Johnson wrote:
> 
> 
>>>I tried everything, but can't figure out how to give myself permission
>>>to see those files in the Nautilus file manager window. I typed su and
>>>my password in a command line, but Nautilus remains unimpressed.
>>
>>su only affects the shell you're currently in, not the desktop environment.
> 
> 
> How do I make it affect the desktop environment?
> 
> 
>>>OK, in Windows I am user jjj, but I am also the Administrator account.
>>
>>Which is just as bad as running as root, since Administrator gives you the
>>same privleges as root in that environment.  You shouldn't run as
>>administrator.
>>
>>
>>>During Windows 2000 installation it creates the Administrator account
>>>and you have to create a password for it. Then you can create a user
>>>account to use for ordinary daily work. But when I created the jjj
>>>account I gave it administrator privileges. Now jjj can do anything on
>>>that machine that Administrator can do.
>>
>>Congratulations, you've created a second root account and you're logging in as
>>root.  Setting up a second account to do daily stuff in with administrator
>>privleges negates any and all security benefit gained by setting up a user
>>account.  (And people wonder why Windows users spread so many viruses...)
> 
> 
> I started with Windows twelve years ago with a new Windows NT 3.1
> computer. I have always given my user account full administrator
> privileges. I have also also always had an internet connection, although
> with cable only for the past three years. I have NEVER had a virus, worm
> or other nasty. Mind you my computers are behind a router and firewall.
> And I do not use Microsoft products other than the OS -- no Outlook,
> Internet Explorer, etc.

The concept of least privilege is not only for virus/worm/other nasty 
stuff.  It is also useful to keep you from shooting yourself in the foot.

>>>On this Linux machine I am root and I am also jjj. I just spent the past
>>>hour and a half reading about ACLs, but none of it made any sense to me.
>>>Plus finals are coming up in three weeks and I'm running out of time.
>>>How can I give jjj permanent root permission?
>>
>>DONT!
> 
> 
> OK, just tell me how to make the Nautilus file manager let me see and
> manipulate the files on my disks. I just can't use this computer if I
> can't see all the files on it. This is a standalone computer, not a
> workstation in a mega corporate setting. It's not like there's a system
> administrator I can call up to fix something for me. The system
> administrator is me.

Rather than trying to elevate your user accounts privileges to root, try 
learning how to change the permissions/ownership on the resource you are 
trying to access so that your unprivileged account can access it.  This 
will allow you to get what you need done, as well as avoid having 
privileges that can delete your entire hard drive with a single 
no-confirmation command (rm -rf /).

It can be frustrating, since the simple solution is just to do what 
Windows does.  But learning how to do it the *NIX way will be worth it 
for you in the end.  Besides, it is my understanding that MS will be 
moving away from the administrator-as-your-daily-account philosophy with 
Longhorn.

In closing, some light reading material:
http://ldp.dimstar.net/linuxfocus/English/January1999/article77.html
http://ldp.dimstar.net/HOWTO/DOS-Win-to-Linux-HOWTO.html
http://ldp.dimstar.net/HOWTO/Flash-Memory-HOWTO/index.html

If you're using a RedHatish (i.e. Fedora) distro, the RHEL4 
documentation can be good too:
http://www.redhat.com/docs/manuals/enterprise/

The intro to sysadmin one might be good for ya.  If you feel like 
melting your brain, try reading the SELinux guide.  Ugh.

Jason