Re: question about Linux boxes only running as root

Unruh <unruh-spam@xxxxxxxxxxxxxx> writes:

IF that system never ever ever is connected to the net in any way,
via modem or ethernet, or anything else, then this may well be
fine. It is still dangerous, since that account CAN run anything, on
purpose or by accident. It can also do immense damage (rm -r /)
which a special account could not.

Good point. For instance, someone may walk up to a terminal, and do
something at the terminal that allows them to gain access to the root
account. Some programs like vim and more (less) allow shell access.

And then someone can walk up to a dedicated application, and with the
mouse save a file that overwrites a file like /etc/passwd -
/etc/shadow, and thereby deleting the password. Or they can trash the
system by overwriting some critical file.

It took Microsoft decades to realize the mistake of running the system
under an adminitrator account. There is a reason for this.