Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 3 Sep 2002 08:17:43 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        John Chang <johnec@umich.edu>
Cc:        FreeBSD LIST <FreeBSD-Questions@FreeBSD.ORG>
Subject:   Re: XFree86
Message-ID:  <20020903071743.GA20142@happy-idiot-talk.infracaninophi>
In-Reply-To: <5.1.0.14.2.20020902185316.0197ca98@j.imap.itd.umich.edu>
References:  <20020901151838.U37627-100000@earl-grey.cloud9.net> <5.1.0.14.2.20020902185316.0197ca98@j.imap.itd.umich.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, Sep 02, 2002 at 06:55:12PM -0400, John Chang wrote:
> Is it bad practice (security-wise and performance) to run a GUI like 
> Xfree86 when doing some administration?  Or should everything be done in 
> command-line and not install it?  Thank you

In general, best practice is to avoid logging in as root where
possible, and certainly not to run complicated desktops or windowing
environments as root.  The canonical rule is "don't do things as root
that you can do as an ordinary unprivileged user".

Using 'su' or 'sudo' or 'op' or the like to use root privileges in an
xterm is acceptable.  Running X applications as root on the local
machine is probably OK --- so long as you exercise a bit of common
sense about what you run.

Running X applications as root on a remote server and displaying
locally through the usual X mechanisms is as open to network snooping
as, say, a telnet session as root.  Not a good idea at all.  Always
use ssh's X tunnelling feature in this situation.

If you have dedicated server machines, it's common practice not to run
a local X server, or in many cases not to install X windows at all:
why waste precious CPU cycles and disk space away from the server's
primary purpose?

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
                                                      Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020903071743.GA20142>