Re: root login

To: Michael Toomim <toomim@OCF.Berkeley.EDU>
Cc: debian-gtk-gnome@lists.debian.org
Subject: Re: root login
From: Jeff Waugh <jdub@perkypants.org>
Date: Sun, 27 Apr 2003 12:52:46 +1000
Message-id: <[🔎] 20030427025246.GB4889@lazarus>
Mail-followup-to: Michael Toomim <toomim@OCF.Berkeley.EDU>, debian-gtk-gnome@lists.debian.org
In-reply-to: <[🔎] 3EAAF3B3.1020303@ocf.berkeley.edu>
References: <[🔎] 1051280874.3ea945eac5fb1@mail.dominicanrepublic.com> <[🔎] 20030425164022.GC494@lazarus> <[🔎] 1051291323.3ea96ebb18853@mail.dominicanrepublic.com> <[🔎] 20030426043435.GF494@lazarus> <[🔎] 3EAAF3B3.1020303@ocf.berkeley.edu>

<quote who="Michael Toomim">

> Jeff Waugh wrote:
> >That's GDM not letting you log in then, which is a good thing. :-) Always
> >use X / GNOME / KDE as a normal user, not root.
> 
> Why is this a decidedly "good thing"?  Many other distributions and OS's
> let users log into the graphical interface as root equivalents, and I
> don't see how it can possibly be that big of a security risk.

It is far easier to 'fuck things up' in a GUI than it is on the command
line. Deleting /dev or /usr in a file manager, for instance, or even just
moving them.

root is god. root can damage hardware. root can destroy an entire system in
an instant. It just does not make sense to use the GUI as root. You don't
need to. You don't need the power. You don't *want* the power.

Every time I see an NT desktop user logging in as Adminstrator, I cringe.
Every time I see a Linux desktop user logging in as root, I hide under the
table.

> Users can log into the command prompt as root.  They can even run startx
> as root.  But they can't log into GDM as root?
> 
> This sounds like highly unnecessary paranoia to me.

Sounds like a sensible by-default option to stop people doing stupid things
(be it on purpose, by accident, or without knowing what they're doing) to
me.

- Jeff

-- 
GU4DEC: June 16th-18th in Dublin, Ireland             http://www.guadec.org/

   "The ability to procrastinate is what separates us from the machines."
                     - Chris Gregory, Desktop Magazine

Reply to:

Follow-Ups:
- Re: root login
  - From: Colin Walters <walters@verbum.org>
- Re: root login
  - From: Michael Toomim <toomim@uclink4.berkeley.edu>

References:
- root login
  - From: Jenner Almánzar <naldiello@dominicanrepublic.com>
- Re: root login
  - From: Jeff Waugh <jdub@perkypants.org>
- Re: root login
  - From: Jenner Almánzar <naldiello@dominicanrepublic.com>
- Re: root login
  - From: Jeff Waugh <jdub@perkypants.org>
- Re: root login
  - From: Michael Toomim <toomim@OCF.Berkeley.EDU>

Prev by Date: Re: root login
Next by Date: Re: root login
Previous by thread: Re: root login
Next by thread: Re: root login
Index(es):
- Date
- Thread