Re: root login
On Mon, Apr 28, 2003 at 12:02:27PM -0700, Michael Toomim wrote:
> Jeff Waugh wrote:
> ><quote who="Michael Toomim">
> >
> >>Why is this a decidedly "good thing"? Many other distributions and OS's
> >>let users log into the graphical interface as root equivalents, and I
> >>don't see how it can possibly be that big of a security risk.
> >
> >It is far easier to 'fuck things up' in a GUI than it is on the command
> >line. Deleting /dev or /usr in a file manager, for instance, or even just
> >moving them.
>
> I don't buy it. Most desktop computers (dos, win95/98, early macs)
> don't even have a "root" concept, and all users have root-equivalent
> power -- yet I've *never* met a person who deleted their system files
> because they had root access. (I've been admin for a lot of systems.)
> This just isn't a problem that comes it in practice.
You forgot the corporate usage, where IT staff is wanting to limit what
the users can do, and have them not mess with the box, or isntall
unauthorized softwares (think games and such). In these cases it is
important to have them not run as root. Also i think being root allows
you to do more things even to other boxes on your network that a user
would be able to, altough i am not very familiar with that kind of
things.
Friendly,
Sven Luther
Reply to: