On Sun, 28 Oct 2012 23:14:34 +0200
"Andrej N. Gritsenko" <andrej@...> wrote:
> I would like to duscuss a function in subject. Starting a lot of GUI
> applications (including MS Windows .exe files, browsers, etc.) under root
> makes linux vulnerable to troyans, backdoors, not mention the cost of a
> failure of the buggy GUI application when it operates with unlimited
> privileges is very high. And 'Open folder as a root' starts all of this.
> Since such kind of escalated privileges (which is much worse than some
> 'sudo -s' which is unwelcomed and often denied by administrator) is such
> dangerous no other file managers have such functionality available for a
> regular user. And no regular user would ever need such functionality but
> only administrator of multi-user system probably. If regular user wants
> open folder as root it usually means something was done badly before (for
> example, missing a group for user) and that should be fixed at that place
> instead of opening as root. So I think this should be available only in
> 'advanced' mode, the same way as SUID and SGID changes are available only
> in 'advanced' mode currently. What do you think?
> With best regards.
If I may, I would like to express my opinion, which will not be a very technical point of
view, just the ways I have learned and what I have seen until recently.
I think any gui app which is not known to be fit for this use should not be started with
root privileges. Guis meant to be opened as root : Synaptic package manager, other
package managers, (although some do ask the admin password just when an application is
selected for install or uninstall), and Gparted, mainly, and of course all the consoles.
Some distributions are meant to be started entirely as root, in Live sessions : the ones
meant for admin tasks, when the administrator using it has to know what he is doing.
Other file managers do have entries to be opened as root : I think Dolphin probably does,
and perhaps Thunar too (not sure about this one), and Konqueror probably.
Up to now I have thought PCManFM providing this feature is supposed to be coded in a way
such that eventuel bugs or failiures have been considered/patched ? But I am not a coder,
so I don't know about that.
There is one point which bothers me, is that the fact some apps which are not
specifically dedicated for admin tasks are used with root privilege. And some do wonder
why bother using a menu, or gksu, when it can even be started from a root console ? And
while we are here, it would be so convenient to login as root under X ?
And why not even **always** login as root under X ? And back to the Windows ways... ^^
This is in my opinion like a soap board. I have had a similar discussion on a forum
lately, where the discussion started when one member suggested another to start
Lxappearance as root (from a root console) to be able to generate easily a configuration
file to change the aspect of a gui admin program, and frankly this topic could be endless.
I am not sure this has helped you.