Notably, there is a difference between admin and root.
One has checks, the other can run scripts, change permissions, move files, delete files, hide malware, install rootkits, install ransomware, exfiltrate data, alter your OS, change hardware voltages, etc all without so much as a prompt.
It doesn’t matter if you’re a beginner or a seasoned veteran with handling root, it can cause some heavy damage to your system when you or another application mishandle it.
Rule of thumb is to remain in user mode for the entirety of your sessions. Only use admin rights when you need to make a system change. Most well-designed applications should not need to be run as admin, and definitely not root.
Notably, there is a difference between admin and root.
One has checks, the other can run scripts, change permissions, move files, delete files, hide malware, install rootkits, install ransomware, exfiltrate data, alter your OS, change hardware voltages, etc all without so much as a prompt.
It doesn’t matter if you’re a beginner or a seasoned veteran with handling root, it can cause some heavy damage to your system when you or another application mishandle it.
Rule of thumb is to remain in user mode for the entirety of your sessions. Only use admin rights when you need to make a system change. Most well-designed applications should not need to be run as admin, and definitely not root.
What is this proselytization adding, here?
Its called the principle of least privilege, or principle of minimal privilege, or principle of least authority.
Its a philosophy learned by anyone who is serious about information assurance. Its a very basic, yet fundamental security concept.
Got it. I thought it wasn’t relevant to this context, and I was right.
This is relevant to giving apps “root access”. How is that not relevant?