A big problem with run as root is not someone typing the wrong thing at the command line, it's them naïvely downloading and running some random program. This happens all the time with windows machines, as anyone that supports them knows, and it's something you can count on happening with the target audience linspire goes for. It's not such a problem now, perhaps, as they aren't such a big target, but that could easily change.
It doesn't even have to be malware, either, an inadvertant bug in a program can do a lot more damage when run as root.
Apple makes OSX work in a way that's plenty friendly without being so wide-open as 'run as root' - the first user account is automatically 'administrator' which doesn't mean root but rather that it's cleared to sudo, programs that require root access can still be run without much fuss, but there's a notification there where the user has to willingly give them that access. Without calling for sudo, and getting approval, it's still functioning as a normal user account, and the user is shielded from the possibility of hosing the whole system accidentally.
There are graphical sudo tools aplenty for linux, so a similar setup should be quite easy to achieve.
The problem with having an *optional* user account creation is that the folks that most NEED the protection are exactly the ones that won't know to do that.
And I beg to differ that most systems today have just one user - they may have just one human user (although that is actually rare) but they still have system functions running that should be under special accounts. You could make a great 'noob proof' system by simply running a regular cron'd backup of ~/ somewhere that the user account can't access... but I'm rambling.
Anyway, my two cents, run-as-root is evil, and I'd seriously steer folks away from any system that encourages that... the more 'noob' they are, the worse a disaster waiting to happen that would be.
|