Is it just me or does ubuntu ask for your password far too much, i have to enter it a few times every day, a minor inconvenience at first but then it becomes a daily habit that you don’t even think about, which leads onto security flaws “oh you want my password, whatever, just get doing your thing”.
When a user is accustomed to performing a task such as this over and over again a malicious program simply has to run itself with gksudo and the user will happily enter their password and give the program root privileges, especially if you combine the gksudo with a custom message by passing –message “your message” to it, such as this:
Of course this completely bypasses the whole “how does the malicious program get onto your system in the first place” thing, but through my dealings with support requests I can say that people will find random debs/programs on the Internet and they will find ways of running them thinking that everything will be fine.
Do we really need to ask for root privilages so much or is this simply an education on security issue? either way I have a feeling we are sleepwalking into problems down the line.