On Sun, 2010-11-28 at 13:00 -0600, Bruno Wolff III wrote: > On Sun, Nov 28, 2010 at 10:26:59 -0500, > Chuck Anderson <cra@xxxxxxx> wrote: > > > > It is more risky to run more code as root than to run less. Logging > > into a graphical desktop as root means /everything/ runs as root, from > > the window manager to the browser and everything in between. This is > > much more risky than just running a command or shell as root using > > sudo or su. > > Not as much better as you might think. If the user account gets compromised > (as opposed to cases where you make a mistake with a command), then later > when it swiitches to root the malware can use the root credentials to do > other bad stuff. This may give you time to notice the problem and requires > the malware to be more complicated. The more complicated malware only needs > to be written and distrbiuted once. > > _______________________________________________ > Anaconda-devel-list mailing list > Anaconda-devel-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/anaconda-devel-list I think it's not only about compromised accounts. The thing is that if you log in as root, you run everything as root, even stuff that does not need root privileges, and some of this software can do some bad things. If you log in as a normal user, and run everything as normal user, except for stuff that _really_ needs root privileges, there's a smaller chance some malware will have root privileges too, if you don't run it with sudo yourself. Of course there is always a chance that your system is attacked even with a normal user, but when you're using root as little as possible, you are lowering the chances of that. -- Martin Gracik <mgracik@xxxxxxxxxx> _______________________________________________ Anaconda-devel-list mailing list Anaconda-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/anaconda-devel-list