Re: segfault in mozilla-browser-0.9.4-3 postinst
On Mon, 1 Oct 2001, Branden Robinson wrote:
> On Mon, Oct 01, 2001 at 07:36:50PM -0600, Jason E. Stewart wrote:
> > "Ethan Benson" <erbenson@alaska.net> writes:
> > > > Ok. I lied, galeon only works for root. If I try to run it as a
> > > you should not even be trying that, ever.
> > Advice is good, reasons are even better. Why shouldn't I run it as root?
> Read Bugtraq.
I'll try to be more informative than the above person. It is sometimes OK
to run Galeon as root, but the best policy is to avoid running any complex
network software as the root user. The root user should not run any mail
reader, any news reader, and certainly not any web browser. These complex
applications can have flaws that allow execution of arbitrary code as the
user of the application. With network programs, these flaws can be
exploited by people anywhere on the network.
Thus running complex network software as root may allow people anywhere in
the world to take over the root account on your machine.
The best policy is to only use root for system administrative tasks that
cannot be done by normal users. To use the root account, log into a
regular account and "su". Do not run X, GNOME, and KDE as root.
Sweet dreams,
-jwb
Reply to: