On Wednesday 04 of November 2009 19:15:50 Adam Williamson wrote:
What some people are saying is that you should not be able to log in to the entire graphical desktop from the graphical login manager as root, which is arguably true, but entirely irrelevant to the main issue here.
what I say is that you should be able to do that at your will
you should be warned that this is not a good idea, and this is the line what the software (thus its authors) should not cross
as it was said by John: "My security is my responsibility, not my vendor's. The vendor's responsibility is to provide tools and documentation.
Neither you nor my vendors understand my particular requirements and circumstances, and lacking that information you are poorly qualified to judge."
I'm sorry for my overreaction, but the issue is quite sensitive to me due its analogy to other things happening all over the world (and touching me) - "for our safety"
this really does not belong on this list; but my will is weak and I couldn't resist to react when the original writer was told not to use GUI as root at all ... I'll try better next time not to waste your time
Most importantly, there is actually a big bug at the root of this discussion, it's filed and marked as a release blocker and there's an updated selinux-policy available that ought to fix it. The bug is https://bugzilla.redhat.com/show_bug.cgi?id=532748 , the fix is in http://koji.fedoraproject.org/koji/buildinfo?buildID=139739 . The bug stopped the 'kdesu' command working,
...
thankyou - this is exactly the piece of information that was missing to answer the original post ... Adam ruleZZ again! ;-)
K.