<quote who="Michael Toomim"> > I don't buy it. Most desktop computers (dos, win95/98, early macs) don't > even have a "root" concept, and all users have root-equivalent power -- > yet I've *never* met a person who deleted their system files because they > had root access. (I've been admin for a lot of systems.) This just isn't > a problem that comes it in practice.
Any minor bug or security issue is magnified a thousand times when the software is running as root. Viruses and worms will actually be able to do horrible things (such as work, breed, do reasonable damage, etc) if they are running as root. I got a call from a client this morning: "Can I lock down all of the folders on our [Windows and GNOME] desktops to stop staff from accidentally moving them and not being able to find them again?" Were all those staff logged in as root, complete system failure is only a clicky-clicky hamfisted secretary away. Ever see a Windows user who's accidentally dragged icons out of their Start menu? (Whoever thought up drag'n'drop menus should be shot.) Ever see a Windows user who's resized their Start bar to 3px high, or half the screen height, or shifted it to the other side of the screen? Happens all the time. Remember, kids: COMPLETE SYSTEM FAILURE is only a clicky-clicky hamfisted secretary away. - Jeff -- GU4DEC: June 16th-18th in Dublin, Ireland http://www.guadec.org/ "I believe in true love. But I am easily satisfied." - Miguel de Icaza
