[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Root Logins in X...





On Thu, Jan 22, 2009 at 2:13 AM, Warren Togami <wtogami redhat com> wrote:
Let us step back and consider the actual goal of preventing root logins.

We want to stop people from logging in as root on their X desktop
because it is almost always done out of laziness.  We want to discourage
these lazy users from logging in as root and using desktop applications,
which can be a dangerous thing.

The only legitimate reason to allow root login is disaster recovery.
The case where /home filesystem is full and logins fail, or /home is
remote and inaccessible are cases where graphical non-root logins can fail.

So why don't we make root logins from GDM a stripped down desktop with
only a terminal and a menu with only configuration tools?  This desktop
should be ugly and with a very obvious note explaining why they
shouldn't be logged in as root.

Benefits?
- Educates the users.
- Prevents future stupid flame wars.

Just a thought... I don't particularly care what happens here.  I never
log in as root on X.

Warren Togami
wtogami redhat com
 

Who are we to police log-ins anyhow?  If they are too lazy and completely hose the system that is their problem.  I frankly find it quite irritating that a couple of the servers stuffed away in my locked server room that are only accessible my me, only accessed once in 60-90 days, can't sit there logged in as root.

What's next?  We going to force Gnome, Firefox, SElinux, etc cause we feel it is safer?

We are about choice, ask the user during install if he/she wants to prevent root logg-ins.



--
projecthuh.com
All of my bits are free, are yours?  Fedoraproject.org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]