On Thu, 2007-01-25 at 19:38 -0500, Ric Moore wrote: > On Thu, 2007-01-25 at 07:41 -0700, Craig White wrote: > > On Thu, 2007-01-25 at 06:05 -0800, David Boles wrote: > > > > > > > > > Would know if Freespire has the same security flaw that Linspire has? > > > Everything by design in Linspire is run as 'root'. The GUI desktop. The > > > applications. The whole thing. Just like Windows does. > > ---- > > Like Ric & Gene > > > > Craig > > You just had to go there, huh? <chuckles> > > Gene, Les, Tim and I must have been separated at birth, so our > coinciding use of the root user is just a sign of that. That plus older > vehicles with no computers nor smog controls on them, just belching > excess gas and carbon into the ozone the way God intended an American > Make to do; though side-pipes to scorch the pavement, a proper > gear-ratio to spin the tires and to scare the neighborhood into a hasty > retreats while shooing the children to safety. All of that while > stone-cold sober. OOH-RAH! > > <Hi-fives Gene + Les> + <smirks> Ric ---- I don't recall Les ever sounding in on whether he logs into the GUI desktop as root - perhaps he does but I think not. I wouldn't know about Tim. I do see Gene complaining about things that he thinks didn't get installed properly where no one else has had those issues and I think they relate to his continual operation as root, especially building packages as root. It strikes me as a lazy habit and once someone has settled in to this habit, they will not give it up easily. Reminds me of the adage that people will purchase emotionally and try to defend their purchase rationally. I am sort of amused by the adoption of procedure on various OS's - where Windows installs the first user as superuser and this user must actually labor to create new user accounts and remove the administrative role from the first user account. Fedora first boot asks you to create the unprivileged user account and some users log in as super user anyway. It's clear that the reason that Windows sets the normal user account to superuser privileges because they want to appeal to the non-technical users who simply want to turn on a computer and start using it right away. The penalty for that is that this user must run firewalls that ask questions the user doesn't understand, employ anti-virus software that this user probably won't verify is being updated and hopefully, when the subscription based update service expires, handholds the user into repurchase and gets it updated. Clearly this is the market that Linspire is seeking which is why they also run as superuser. Linux has traditionally followed the UNIX methodology where the least privileges necessary to function and Fedora / Red Hat has embraced this principle closely and has helped to develop the tools necessary to allow the user to function and obtain privileges if/when necessary/possible. In the end however, it is still your system and of course, you are entitled to use however you see fit including disabling SELinux, build packages as root, run GUI as root, etc. I guess that the thing that clinches it for me is the people whose opinions I most respect suggest the above is not good practice. Craig
