Root with GUI
Patrick O'Callaghan
pocallaghan at gmail.com
Thu Apr 15 16:37:01 UTC 2010
On Thu, 2010-04-15 at 08:58 -0400, Tom Horsley wrote:
> On Thu, 15 Apr 2010 08:14:30 -0430
> Patrick O'Callaghan wrote:
>
> > and we never typed or clicked on anything we didn't mean to
>
> Right. You can type things you don't mean to as easily as click
> things you don't mean to. I'm just looking for the actual evidence
> that GUIs are fundamentally evil when running as root, not all
> this vague handwaving "Oh, it must be horrible!" stuff that seems
> to be entirely anecdotal or possibly completely imaginary.
It's not a question of "fundamentally evil". Security is 99% about
avoiding trouble (Google for "principle of minimum privilege"). GUIs are
large, complex and buggy pieces of multiple interacting components
written by diverse people of widely differing abilities. When you use
them as a normal user you at least have the safety net of restricted
access to reduce the amount of potential damage. Using them as root
removes even that.
poc
More information about the users
mailing list