Slashdot Mirror


Michael Robertson Says Root is Safe

Kez writes "HEXUS.net caught up with Michael Robertson, CEO of Linspire, at the UK launch of Linspire 5. Their interview with Mr. Robertson covers everything from hardware support to software patents, but a comment from Mr. Robertson on using root is perhaps the most interesting: "I defy anybody to tell me why is it more secure to not run as root. Nobody really has a good answer. They say 'oh, yeah, it is!', but it really isn't." I would imagine a few Slashdotters would dispute that."

2 of 1,174 comments (clear)

  1. Define "Secure" by Stibidor · · Score: 5, Interesting

    In the article, Michael defines security as the (in)ability to access personal data. In that respect, he's probably right. But I think he oversimplifies the real question of allowing the users to run under the one account that could really screw up their machine.

    He argues that just because we could possibly drive our cars into brick walls doesn't mean we should all be limited to driving at 10 mph. I don't believe the likelihood of even the least skilled driver actually ramming into a brick wall is quite as much as my grandma's likelihood of completely screwing up her computer were she granted root access. I've seen her mess up her Windows machine pretty nicely.

  2. Re:Okay now... by Anonymous Coward · · Score: 5, Interesting

    That's why you set the /home directory to non-executable. No program, including rm, will walk into it unless you are root. Note that this doesn't affect the ability of non-root users to access any correctly permissioned sub-directory of /home.