Maybe a user could be blocked from running an app which should not be run as sudo, such as FireFox. Maybe a user should be required to log out from the user account and log in to a root user account, if the user wants to run an app as root, such as Firefox.
If not, maybe a “Warning: Running this app as root may compromise your system. It will have the ability to read, modify, delete and/or encrypt any file(s) without restriction or notification. This is not recommended. Do you wish to proceed?”
Is there any reason a user should run Firefox as sudo?
There is no reason to run any program as root. If an application needs elevated rights, it should request them over Polkit.
That being said:
There isn’t a way to launch a program as root from the desktop UI.
To run a program as root, you need to:
Open a terminal
Enter sudo and the command of the program
Enter a password to authorize root
I consider it highly unlikely that a normal user would come to this point.
So it would be questionable if such a warning would be worth the effort to develop and maintain.
Couldn’t an inexperienced user be social engineered?
If a user logs out of the user account and logs into the root account, isn’t there a red highlighted message at the top of the desktop that warns the user about damaging their system?
Not that I’m aware of.
You’d also have to have one of the few systems that still has an dedicated password for root to be able to log in as root. So such a warning would be very much for a very niche situation.
The modern terminal apps show a visual indicator for root access via sudo, etc. though.
Well, to be fair, there is also a lot of bad advice on the internet which suggest running an app with root.
But I think it makes more sense to use other methods, like correcting wrong information on the internet, providing good help pages on the proper procedures to do certain stuff, etc. than to do this in an technical matter.
There is zero reason to run any graphical application as a super user.
You have opened a bunch of topics on the same issue—running things as privileged user, logging into a graphical session as a privileged user, moving files to privileged locations. What are you actually trying to achieve, with these questions? What kind of problem are you actually trying to solve?
The best way to avoid that, is to disallow logging into a graphical session with a privileged user. That’s up to Linux distributions, though: GNOME is not going to be able to change that.
GUI applications should also not run with sudo: under Wayland it’s already unlikely to work, unless you also construct an execution environment to match the intent—something that users are unlikely to do unless they really want it to happen, in which case presenting a warning isn’t going to do anything.
“Socially engineering somebody into running gnome-text-editor as root, or logging in as root, or copying files under system locations” is a very nebulous, abstract concept; in most cases, GNOME-as-an-ecosystem cannot do anything about it, because we cannot distinguish intent from a system’s perspective.
Wouldn’t it be better to add warning messages to Gnome terminal, instead of each distribution creating their own version of gnome terminal with warnings.
Would it be better to have two separate versions of Gnome terminal? Gnome terminal(no warnings) and Gnome safe terminal(warnings included)
Blockquote
Not that I’m aware of.
You’d also have to have one of the few systems that still has an dedicated password for root to be able to log in as root.
Blockquote
Debian allows a user to login as root via the GUI. A red highlighted warning message is displayed at the top of the desktop after the user has logged in as root.
I don’t know if Debian’s way of doing things is good or bad.
Debian allows a user to login as root via the GUI. A red highlighted warning message is displayed at the top of the desktop after the user has logged in as root.
Debian GNOME 12 does not allow logging in to the desktop as root, because gdm doesn’t allow this.
Edit: I might be thinking of XFCE. In the past, I used Debian and the XFCE desktop environment. Gnome has nothing to do with XFCE. If I remember correctly, XFCE allows a user to login as root and displays a warning message at the top of the screen.