I have a few Linux servers at home that I regularly remote into in order to manage, usually logged into KDE Plasma as root. Usually they just have several command line windows and a file manager open (I personally just find it more convenient to use the command line from a remote desktop instead of directly SSH-ing into the system), but if I have an issue, I’ve just been absentmindedly searching stuff up and trying to find solutions using the preinstalled Firefox instance from within the remote desktop itself, which would also be running as root.

I never even thought to install uBlock Origin on it or anything, but the servers are all configured to use a PiHole instance which blocks the vast majority of ads. However, I do also remember using the browser in my main server to figure out how to set up the PiHole instance in the first place, and that server also happens to be the most important one and is my main NAS.

I never went on any particularly shady websites, but I also don’t remember exactly which websites I’ve been on as root, though I do seem to remember seeing ads during the initial pihole setup, because it didn’t go very smoothly and I was searching up error messages trying to get it to work.

This is definitely on me, but it never crossed my mind until recently that it might be a bad idea to use a browser as root, and searching online everyone just states the general cybersecurity doctrine to never do it (which I’m now realizing I shouldn’t have) but no one seems to be discussing how risky it actually is. Shouldn’t Firefox be sandboxing every website and not allowing anything to access the base system? Between “just stop doing it” and “you have to reinstall the OS right now there’s probably already a virus on there,” how much danger do you suppose I’m in? I’m mainly worried about the security/privacy of my personal data I have stored on the servers. All my servers run Fedora KDE Spin and have Intel processors if that makes a difference?

  • lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    3
    ·
    10 months ago

    You seriously need to stop what you’re doing. Log in with ssh only. If you need multiple terminals use multiple ssh sessions, or screen/tmux. If you need to search something do it on your desktop system.

    The server should not have Firefox installed, or KDE, or anything related to desktop apps. There’s no point and nothing good can come of it.

  • taladar@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    but no one seems to be discussing how risky it actually is.

    That is because people stopped doing it ages ago.

    But shouldn’t Firefox be sandboxing every website and not allowing anything to access the base system?

    Security is always a matter of layers. Any given layer can fail some of the time but you want to set up your security so situations where all the layers fail together are rare.

  • remotelove@lemmy.ca
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    Your frame of mind is “dangerous”. If you are browsing on your servers as root, you need to not manage servers anymore. If that sounded harsh, learn about attack surface area first and then I might let you back in the server room.

    You won’t find discussions about running browsers as root because it’s not something you should need to discuss. Also, you don’t need to be browsing “shady” websites to get compromised. Get that myth out of your head.

    find it more convenient to use the command line from a remote desktop instead of directly SSH-ing into the system

    How is extra steps and added latency more convenient? The latency of a console via remote desktop would drive me crazy. Hell, I haven’t installed any kind of desktop environment on Linux server for over 20 years. It’s not needed and a waste of resources. Who needs file managers anyway?