* Bret Hughes ([EMAIL PROTECTED]) wrote:
>
>
> Tom Gilbert wrote:
>
> > That indicates that at some point (hopefully by accident), you ran
> > gnome as root.
> >
> > Feel free to delete these files, and don't run gnome or X as root :)
>
> Why not? There are some tasks that really are easier to do in the gui
> as root. Is this REALLY a big deal?
Yes. Absolutely, it is a HUGE deal :)
I'm not going to go into huge detail here, because this is a *nix FAQ,
but here is a brief summary:
o First things first, there is never ANY *need* to run a GUI as root,
especially an environment such as gnome. Log in as a normal user, and
in a console, type "su" to become root, do the admin task, the ctrl+D
to logout. You can run gui apps from the shell as root this way, but
running an entire desktop environment, file manager, app launcher,
applets, etc, etc as root is madness.
o When you run as root, you will make a mistake. That mistake will
cost you, because root has unlimited power. Acidentally drag a folder
in gmc and suddenly, /usr is under /tmp. Try to type "rm -rf
~/rubbish/" and accidentally type "rm -rf ~/rubbish /" and there goes
your system. Its easy to think "I'd never do that", but people do it
every day.
o SECURITY
Root can do anything. GUI programs are large and are not generally
security audited. Gnome certainly isn't. Any exploit or loophole
because a million times more dangerous when you run it as root. Run
irc as root and I guarentee you that someone will gain access to your
system, and therefore the root account.
There are millions of reasons, I won't list them all. Take it from me
that people have asked this question many times before, and the answer
is always the same. Don't run as root. Why give every application you
run ultimate power over your workstation when you don't need to? Why
lose ALL the benefits of a multi-user environment, and why put your
security at risk?
> Very interested.
>
> Bret
Tom.
--
.-------------------------------------------------------.
.^. | Tom Gilbert, England | [EMAIL PROTECTED] |
/V\ |----------------------| www.tomgilbert.freeserve.co.uk |
// \\ | Sites I recommend: `--------------------------------|
/( )\ | www.freshmeat.net www.enlightenment.org slashdot.org |
^^-^^ `-------------------------------------------------------'
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
