Linspire or not, I always
observe the following principles with regard to Linux user-ids (and Windows, for that matter!) and consider them to be vitally important:
(1) For regular, daily use of the computer, I use a user-id that is "unimportant in every way." This user is a regular Joe, with no privileges or special access whatever.
(1a) For specific purposes that I use occasionally, such as accounting and work done for confidential customers, I use separate user-ids for these, which are disconnected from my regular account. They are closed books, with their files locked inside. Applications that only they use, and their files, are accessible only to them. As far as privilege is concerned, they too are ordinary.
(2) For system maintenance and software installation purposes that do not require root
access, I have a separate system-maintenance account. This account has the privilege of joining restrictive groups other than its home. So, even for this guy, a conscious act
is required to gain access to software areas.
(3) For only
those specific purposes that can only be done as root,
root is used .. and only long enough to finish. root
(4) I know about every single user-id that exists, who uses it and why. If the user does not require login, login on that account is not possible. (The shell is /sbin/nologin
.) I know about every single service that is defined, every single entry in xinetd.conf
. There are no "guests" and no guest access.
As I said, exactly the same principles apply to Windows, OS/X or what-have-you. Do not use Windows routinely as an "Administrator." Never mind that so many people do so... that's a major reason why their systems get successfully attacked by rogue programs. Very sturdy mechanisms exists to thwart these attacks -- they simply must be used.
Being cavalier about "root" is a great way to see your system crash and burn. It takes a trivial
amount of time and discipline to have things much, much better.