Anyone with physical access to the computer also has full file system access and could wipe everything, even without password or technical knowledge.
It’s bad for other reasons too, like a script on a website would launch as root… And also without a password if your disk was encrypted your data is protected even if someone has physical access.
It is just generally common knowledge to not run around in God mode all day, otherwise sudo wouldn’t exist.
@cyberpunk007@lemmy.ca
@lord_ryvan@ttrpg.network
This is running in a VM without any internet access… that will end up getting replaced by another OS anyway
It was a serious issue back then. People were wandering around on the Internet with root accounts. A lot of #linux IRC channels were kicking&banning anyone with “~root” or “root” ident with educational sentence like “Do not use root account as your ordinary account, check instructions”. We don’t see the issue widespread today since distros did very good intended “dark patterns” to push users to regular user accounts. Linux (or UNIX) “root” account is true god mode. E.g. infamous “rm” as root joke (!) could even affect Windows running WSL2, so MS had to implement special workarounds.
WSL has no direct connection to the host file system. WSL’s drives are virtualized. Which is a real fuckin peach when you just want to copy things to and fro and end up discovering this 😅