!!!
Linspire or not, I
always observe the following principles with regard to Linux user-ids (and Windows, for that matter!) and consider them to be
vitally important:
(1) For regular, daily use of the computer, I use a user-id that is "unimportant in every way." This user is a regular Joe, with no privileges or special access whatever.
(1a) For specific purposes that I use occasionally, such as accounting and work done for confidential customers, I use separate user-ids for these, which are disconnected from my regular account. They are closed books, with their files locked inside. Applications that only they use, and their files, are accessible only to them. As far as privilege is concerned, they too are ordinary.
(2) For system maintenance and software installation purposes that do not require
root access, I have a separate system-maintenance account. This account has the privilege of joining restrictive groups other than its home. So, even for this guy,
a conscious act is required to gain access to software areas.
(3) For
only those specific purposes that can only be done as
root, root is used .. and only long enough to finish.
root never uses a web browser, and just in case, java/javascript is disabled.
(4) I know about every single user-id that exists, who uses it and why. If the user does not require login, login on that account is not possible. (The shell is
/sbin/nologin.) I know about every single service that is defined, every single entry in
xinetd.conf. There are no "guests" and no guest access.
As I said, exactly the same principles apply to Windows, OS/X or what-have-you. Do not use Windows routinely as an "Administrator." Never mind that so many people do so... that's a major reason why their systems get successfully attacked by rogue programs. Very sturdy mechanisms exists to thwart these attacks -- they simply must be
used. Being cavalier about "root" is a great way to see your system crash and burn. It takes a
trivial amount of time and discipline to have things much, much better.
