Logins
Rahul Sundaram
sundaram at redhat.com
Fri Sep 9 21:34:50 UTC 2005
akonstam at trinity.edu wrote:
>I am curious. Could someone give me a concrete example of why it is
>more dangerous to log in to a gui interface as root as opposed to
>logging in as an ordinary user and su - to root?
>
>
Age old policy of least privileges. Users logging as root in a GUI tend
to run all the applications as root regardless of whether the
application requires it. If you run a application after doing an su -,
you can immediately exit the shell as soon as you run the command
without interrupting your other tasks, unless you launch a new GUI login
merely to run a particular administrative task In fact these users
probably should be using sudo to perform such operations.
regards
Rahul
More information about the users
mailing list