What _should_ happen IMO is that it gives you some nice screens saying "Please enter what you wish the system adminstration password to be. This password will be required for making changes to system configuration." This then becomes the root password - for a newbie friendly distro there should be able to be a "system adminstration password" without the concept of a root account. "If you want to perform manual system adminstration (not recommended for most users) log in as root with the adminstration password you just chose."

It's reasonaly easy to prevent users logging in to X as root, as this is 99% of your "misinformed users" they quickly discover thaat they either use su, or the gui tools (that conveiently prompt you for a password), or they use a text console. (If they can figure out what the text consoles are, then they're doing ok. - they won't use it for daily use). Just change 'allowroot' in the 'security' section of /etc/X11/gdm/gdm.conf to false.

Has anyone considered a setup where it automatically logs you into X using this "standard PC account" - a bit more insecure yes, but good for a home PC? I installed MS networking login on Mums PC once so I could log into file shares on my Linux box. She demanded it be removed as it confused her on startup. These are the people standing between Linux and "world domination"!

Yeah, easy to do. With a bit of tweaking you can setup gdm to show a picture of each user (and their name), and not have it prompt for a password. (click on the picture of you, and press 'enter'.....)

...

Given that you can do damage as root (explanation later) why would you want to ruin your $n000 PCs configuration, when, for very little hassle really, you can protect it from yourself!

Cos you're lazy, and never think of it. Cos you're an ex-Windows user who doesn't understand, and would rather just log in as root every time. Cos it wasnt the proper default. Cos you trust your programs not to go wrong.

Because windows: * Hides critical information to you so you can't stuff it up. (evidence by the htmlified /windows directory) * Asks for confirmation on everything. * Locks system critical components so you can't do anything with them ("That file is in use by the operating system and cannot be deleted at this time"). Linux: * Is transparent - you can see whats going on under the hood. * Assumes that you ment what you said * Doesn't believe in preventing you from doing what your trying to do. Ever tried to delete a file under windows which is causing problems? watched it fail? :) Ever tried deleting critical libraries under unix? watched the rest of your system fail instead?

Should I be logging into Windows as a seperate user? Do you?

In general I don't login to windows, if required to I press 'escape' :)

...

root doesn't just apply to "your" permissions. Every process you start also has root access (and yes, this holds true under lose2k as well). If ANY of those processes are buggy, or have remote-exploit bugs in them, bye-bye data!

If any processes are buggy you will lose data. What do you care about most if youre a home user? Your documents. They all belong to you. (All of your documents are belong to you!)

Several programs when run as root use the system config's, not the per user ones. You change the config to your desire - now everyone's config is like that -- and they can't change it. Some programs (such as minicom) are nice enough to warn you that they are doing this. Others aren't so forgiving. Programs such as bitchx are security nightmares, running them as root or otherwise is a security hazard, but I doubt many people would give up their IRC addiction :)

If any processes have remote exploit bugs in them, even if they're user space, you can download the password file and then run crack on it. Knowing a standard home user their root password will be "sex" or "fred".

heh, Redhat at least is smart enough to prevent people inflicting this upon themselves unless they know how to SU to root and change it themselves. The most difficult years of marriage are those following the wedding. ------------ WLUG - The Waikato Linux Users Group To unsubscribe, send an email to majordomo(a)list.waikato.ac.nz with "unsubscribe wlug" in the body of the message.