[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Friday 31 March 2006 9:05 pm, David Bell wrote: > Is there a *security* > risk using Root logins, for purely administering the system, versus su/sudo > as a user. You can't just be "administering the system" when logged into a GUI desktop as the root user. All manner of GUI related code is being run to support the GUI itself. This therefore increases the relative risk because it simply increases the amount of code being run as the root user. On a simple basis of chance, the number of vulnerabilities will increase as will the probability that one of those vulnerabilities will be triggered - independent of any user error. > > In all cases, the user account is preferable A large proportion (some may say all) of desktop code is written as user-level-only code - i.e. it is written, tested and debugged in the expectation that it will be run as an ordinary user, not root. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpHU13oFZzPs.pgp
Description: PGP signature