Concern about logging in as root overrated?

For the same reasons why each daemon should have minimal rights. Apache can run as root. It is designed to perform one task and surely nothing bad can happen?

But assume apache is not bug-free. Bugs are discovered from time to time. Sometimes it can even be arbitrary code execution or similar. Now with apache running as root, it can access anything — for example it can load a rootkit into kernel and hide itself.

On the other hand, writing a user-level rootkit is very hard. It has to override different programs (like ps) inside /home, which can raise suspicion due to the extra disk space used. It might not know the exact configuration and forget to include e.g. gnome-system-monitor therefore exposing itself. It has to cover bash, tcsh and any shell you happen to use (to start itself). It would have to work with different configurations instead of 'simply' overriding a bunch of callbacks.

Consider that not so long ago there was arbitrary code execution discovered in... Adobe Reader.

Other reason is user mistakes. It is better to be warned before erasing the whole disk by one command.

Third reason is different shells. Root shell should be installed on / in case that rescue of system needed to be performed. Users' shells can be installed on /usr (for example user can use zsh).

Forth reason is that different programs don't work as root. They specifically know they are not supposed to, so you would need to patch system.

Fifth reason is that /root should not be on a separate partition while /home can (and should). Having /home separate helps for various reasons.

ALSO: WHY NOT USE AS NORMAL USER. You more often don't need to have root rights than do. It is a very little cost for security.


You can also ride a motorcycle in the nude, and nothing may happen. But I bet you'd feel better if you had when you crash the bike...


Apart from the obvious point of security, it is clear you've never hosed your system by mistyping a command in the shell or a lapsus. If it happens, you'll understand why people freak out about it. And then you will cry in horror, and also realize that it was a highly educational experience, but you're not getting your system back anyway.

A thought: if you're being asked for the root password during normal use of your system (ie not installing packages or some other system administration task), you're doing it wrong.