[OT] Re: Running graphical programs as root

Darac Marjal mailinglist at darac.org.uk
Wed May 9 12:53:08 CEST 2012


On Tue, May 08, 2012 at 09:16:10PM -0700, Ray Andrews wrote:
> On 08/05/12 11:41 AM, houghi wrote:
> >
> >Can't root listen to music as he works?
> >No, because to listen to music, you need to be a human being. (OK, have
> >ears) and root is not a person. It is an adminitrative account.
> >
> Well that's a downer.  But I must say that the illusion of still
> being human is very powerful when I log in as root ;-)
> 
> For now I'll just accept the fact that when I'm logged in as root,
> playing an .mp3 somehow puts my system in peril and that there's
> nothing that can be done about it.

It does. The nature of root is that all protection is off. You have
complete free reign over the whole system.

Imagine there was a bug in VLC that your mp3 exploited. If you run VLC
as a limited user, then the theory goes that the exploit can only do as
much damage as that limited user can do. If you run VLC as root then,
again, the exploit can only do as much damage as root can do. That's
anything, remember.

If you want a 'version' of root that can run VLC but without the
possibility of running rampant over your system, well then you're back
to being a limited account.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mail.xfce.org/pipermail/xfce/attachments/20120509/b114a893/attachment.pgp>


More information about the Xfce mailing list