I was not saying that I don't need root access; I am saying that I use appropriate privilege escalation (sudo / gksudo) when I do. Having no root account has many advantages. With the main disadvantage being that no one is root anymore. Thus we have the concept of a 'sudoers' file. In it is contained, user names of users which have access to temporarily have root access, and act with permission (pertaining only to the task assigned). Consider me pedantic, but in a conversation like this, being root is a different thing than having root access.
Let me demonstrate privilege escalation with a contrived example of a command combination which requires root access for 'fdisk' from which the text buffer is stream processed by 'egrep' to filter the text. If the following was executed as root....
- Code: Select all
root@mint$ fdisk -l | egrep "^/dev/"
to get a listing concise listing of all your available harddrives seen my fdisk.
if the following was executed as a user with sudo privileges, the second command 'egrep' is executed under the user of ther user (not root).
- Code: Select all
user@mint$ sudo fdisk -l | egrep "^/dev/"
Both have identical output to the screen. But the difference lies in whether the command 'egrep' is executed as root
, and whether it should be running as root.
Now lets considerer taking this further and say that X11 should not be running as root, just like egrep should not be running as root. If you were to enable root account in GNOME/KDE then, effectively, you are giving control over all the things GNOME/KDE call and execute during launch. This is dangerous, just like executing egrep as root is dangerous.
The solution is to use a user which has sudo privileges. Thus even though you trust yourself to use the computer, you don't even need to trust that the computer is performing the correct operations, because it does not have access be destructive.