by nl
1238 days ago
This is wrong. Data is important but so too is control of executable programs installed on your computer. Running as root allows a bug in an application like a browser to be exploited and give them root access. Then they can modify programs like firejail and suddenly things you thought were protected aren't.

This in turn would allow an attacker to log in to my servers and other computers leading to a total compromise, as well as breaking trust and integrity of my email (PGP keys).
For my PC a compromise of the user I log in as would mean total chaos and compromise, regardless of whether this user is root or not.
Installation of executable programs isn't limited to the root user, a normal unprivileged one can have them as well. I mentioned firejail because running the browser inside firejail should provide more protection against attacks (provided it's correctly configured, as a sibling comment points out), as the attacker couldn't escape the browser sandbox. Though in the current modern world, a browser context compromise could be enough to exploit a power user -- webmail, domain registrar web interface, stored passwords.
I doubt many power users actually separate their workflow well enough as to change to a different VT (or SSH connection when working remotely) when performing administrative tasks on the computer that require root access. Because if users don't do that and just use a suid binary, like sudo, a malicious attacker with access to code execution in the context of an unprivileged user that elevates privileges with sudo could snoop the password entered by ptrace or simpler means, like a wrapper binary that gets installed without the user's knowledge.
(I am by no means a security expert and my opinion shouldn't be treated as useful advice!)
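
A defensive check for the wrapper-binary scenario raised in the comment above, as an added example that is not part of the thread: it resolves a command along PATH the way a shell would and reports whether the match sits in a directory or file that an account other than the trusted one could have written. The function `audit_command`, its parameters and the demo directory layout are constructed for illustration.

```python
import os
import stat
import tempfile

def audit_command(name, path=None, trusted_uid=0):
    """Return (resolved, findings) for `name` along a PATH string.

    resolved is the first executable match (what the shell would run);
    findings lists reasons that match could have been planted by an
    account other than trusted_uid (root by default).
    """
    path = os.environ.get("PATH", "") if path is None else path
    for entry in path.split(os.pathsep):
        directory = entry or "."          # an empty PATH entry means the cwd
        candidate = os.path.join(directory, name)
        if not (os.path.isfile(candidate) and os.access(candidate, os.X_OK)):
            continue
        findings = []
        if not os.path.isabs(directory):
            findings.append("relative PATH entry: " + repr(entry))
        for label, target in (("directory", directory), ("file", candidate)):
            st = os.stat(target)
            if st.st_uid != trusted_uid:
                findings.append(f"{label} owned by uid {st.st_uid}")
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append(f"{label} is group/world-writable")
        return candidate, findings
    return None, []

def demo():
    """Constructed layout: a planted 'sudo' ahead of a trusted one."""
    me = os.getuid()                      # stands in for root in this demo
    with tempfile.TemporaryDirectory() as root:
        planted = os.path.join(root, "home_bin")
        system = os.path.join(root, "usr_bin")
        for d, mode in ((planted, 0o777), (system, 0o755)):
            os.mkdir(d)
            os.chmod(d, mode)
            exe = os.path.join(d, "sudo")
            with open(exe, "w") as fh:
                fh.write("#!/bin/sh\n")   # placeholder file, never executed
            os.chmod(exe, 0o755)
        bad = audit_command("sudo", planted + os.pathsep + system, me)
        good = audit_command("sudo", system + os.pathsep + planted, me)
        return bad[1], good[1]

if __name__ == "__main__":
    print(audit_command("sudo"))          # audit the real PATH of this session
```

An empty findings list means the first match and its directory are owned by the trusted uid and not group- or world-writable; it says nothing about shell aliases or functions, which are resolved before PATH.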