Following these instructions resulted in me connecting to the Haiku machine as root (named "user" but with user ID zero and thus root rights). I was able to "kill" processes run by the desktop user and so on.
> Root can't even replace system files anymore due to packagefs
While packagefs prevents a naive user from being able to modify their system files, it actually makes it easier for an attacker because you can just add a package to modify things or remove one that's in your way.
Even after creating a separate non-root user and logging in to that rather than the root equivalent user, I was able to continue manipulating the system in this way without trouble, at first removing documentation in the desktop user's language and then gradually replacing software with my own.
> Following these instructions resulted in me connecting to the Haiku machine as root (named "user" but with user ID zero and thus root rights). I was able to "kill" processes run by the desktop user and so on.
Well ... yes, because you set the sshd to allow root login, and then logged in as the root user. This is the intended behavior, yes? You can leave that option off, `adduser`, and then log in as the new user instead.
> Even after creating a separate non-root user and logging in to that rather than the root equivalent user, I was able to continue manipulating the system in this way without trouble, at first removing documentation in the desktop user's language and then gradually replacing software with my own.
Hmm, well, that is a bug then; last I tried I thought this was impossible. Perhaps the directory permissions on /system/packages are incorrect.
I followed these instructions on a live Haiku Beta ISO:
https://www.haiku-os.org/guides/daily-tasks/netservices/
Following these instructions resulted in me connecting to the Haiku machine as root (named "user" but with user ID zero and thus root rights). I was able to "kill" processes run by the desktop user and so on.
> Root can't even replace system files anymore due to packagefs
While packagefs prevents a naive user from being able to modify their system files, it actually makes it easier for an attacker because you can just add a package to modify things or remove one that's in your way.
Even after creating a separate non-root user and logging in to that rather than the root equivalent user, I was able to continue manipulating the system in this way without trouble, at first removing documentation in the desktop user's language and then gradually replacing software with my own.