On running gui applications as root

Andrew Haley aph at redhat.com
Thu Nov 19 12:48:50 UTC 2015 

On 11/18/2015 06:49 PM, Adam Jackson wrote:
> On Tue, 2015-11-17 at 17:30 +0000, Andrew Haley wrote:
>> On 11/02/2015 03:05 PM, Adam Jackson wrote:
>>> But, why take the risk exposure, when you could simply not?
>>
>> How else would I edit root-owned files?  I don't get it.  I mean,
>> I guess I could run an editor in a text window, but I don't want to
>> do that.
> 
> That's kind of a non sequitur. To a first order, there are zero root-
> owned files you need to edit routinely. And I feel pretty comfortable
> calling any counterexamples bugs that need fixing.

I don't quite understand what you're saying here.  There are plenty
of config files in a UNIX-like system, and they are supposed to be
edited.  And if you think otherwise, then I think you are wrong.

>> And finally, it's *my computer*, dammit.
> 
> In the threat model being described, no, it is not, there's another
> agent on the system subverting your use of it.
>
> You are of course free to disregard that risk, or measure it in the
> event and conclude it's safe enough, and in many cases it will in fact
> be safe.

Well, good, as long as I can still do that, I will be happy.

> Great, fine, that's a conclusion a consumer can come to. But in the
> Fedora context we are the producer, not the consumer. Developing an
> operating system means considering what is best in the general case,
> and in the general case, if using the system requires a
> known-dangerous configuration, we've done our job poorly.

Sure.

> Phrased another way: no, it's not *your computer* we're talking about
> here. The computer in question rightfully belongs to someone else; we
> are here discussing how to be responsible for the code they allow us to
> run on it.

That is a reasonable point for view.  However, the point of Free
Software is freedom; and the ability to shoot oneself in the foot is
part of that freedom.  One of the greatest advantage of Free Software
from my point of view is that people can choose.  And I know that I am
not alone in chooing to use (and to write) Free Software for that
reason: freedom is not just about strict licence compliance.

Five years or so ago I publicly defended Wayland because I was assured
that things would continue to work after the transition.  Being able
to edit files with emacs is an essential part of that "continuing to
work."

Andrew.

More information about the devel mailing list