[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: User Experience improvements for Anaconda



On Sun, Nov 28, 2010 at 06:04:20AM -0600, Bruno Wolff III wrote:
> On Wed, Nov 24, 2010 at 15:40:07 +0100,
>   Martin Gracik <mgracik redhat com> wrote:
> > 
> > I agree that there are many people doing this, but logging in as root is
> > I believe a security risk, and I think we should encourage the users to
> > use policies that are more secure. And also, gdm does not allow you to
> > login as root by default.
> 
> su'ing to root from a normal account has simlar risks. Exploits need to
> be a bit more complicated, but once they are script kiddie ready you
> don't gain much by having to give two passwords to get full access.

It is more risky to run more code as root than to run less.  Logging 
into a graphical desktop as root means /everything/ runs as root, from 
the window manager to the browser and everything in between.  This is 
much more risky than just running a command or shell as root using 
sudo or su.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]