On Fri Jun 11, Jeff wrote: [snip]
> This is scary because if Linux ever became mainstream, > viruses could be a real problem. Imagine this: A user > buys a computer and installs Linux. He puts in a password > for the root user. It says "You should create a normal > user for day-to-day tasks." He doesn't care... its just > more to deal with when installing things and whatnot like > that. > > All of the installers I've seen are worded similar to this. > There's a root user for admin purposes, and then you can > create a user if you want to, but most people are too lazy. > > So I got to thinking: would a simple change in the wording > be enough to convince users that they need a separate > account from just root? What if it were worded like this: > > "Linux is designed at the core to thwart viral intrusions. [snip] One of the Mandrake security levels doesn't allow any root login. I hope that Mandrake's install requires a nonroot account, especially if that security level is selected. You can still do `su root` or `su - root`, of course. My $0.02: if a box has a NIC, or if networking is otherwise set up, then no root login ought to be allowed. No matter how the installer words the warning, it'll be ignored by folks, just as motd is. -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
