[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Quoting David Bell <grimpen@xxxxxxxxxxxxxxxxxxxx>:
On Friday 31 March 2006 11:12, Steve Marvell wrote:It prevents bad habits.I can't see how it does. One can still su <browser/email whatever>. Assuming that root <me> is acting responsibly, what are the security risks?
Why would you need to run every day programs such as a browser or e-mail application as root or with Super User privledges?
As Will pointed out, it is so easy to do an rm -fr * in the wrong folder (say the root folder) and wipe out the contents of the machine - if this is say a multi user machine it could cause quite a bit of grief and maybe render the machine unuseable. I've done this myself on both a server and a desktop machine by accident!
AFAIK, the only time you'd need to be running anything as root or su is when you need to edit configuration files or start/stop services which are used by the machine globally, or applications for everyone to access everything else (even installing applications from tar balls which are only going to be used by yourself) you should be able to install it in directories which you have permission to.
Not to mention, doesn't KDE give you a bright red desktop if you login as root?
It also makes things more secure. For instance with Windows, usually the user who sets things up on Windows is given administrator rights. Anything the execute (either intentionally or by accident) also has access to the entire PC.
On Linux on the other hand, if you run a rogue script or something as a standard user, I'm guessing the worst that can happen is it can trash your home folder or directories that you have read/write permissions to?
(More experienced lug members, feel free to correct me if I'm wrong here :D) Rob -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html