Yes, very. This is not specific to Firefox, but anything running as root gets access to everything. Only one thing has to go wrong for the whole system to get busted.
usually logged into KDE Plasma as root.
Please don’t do this! DEs are not tested to be run as root! Millions of lines of code are expected to not have access to anything they shouldn’t have and as such might be built to fail quietly if accessing something they shouldn’t in the first place. Same thing applies to Firefox, really.
Debian world - apt sucks. For something with a sole purpose of resolving a dependency tree, it’s surprisingly bad at that.
Redhat world - everything is soooo old. I can see why business people like it, buy I rarely, if ever, agree with business people.
Opensuse world - I’ve only tried it once, probably 15 years ago. Didn’t really know my way around computers all that much at the time, but it didn’t click and I’ve left it. Later on I found out about their selling out to Microsoft and never bothered touching it again.
Arch - it was my daily for a year or two. Big fan. It still runs my email. At some point the size of packages started to annoy me, though. Still has the best wiki. I’ve never really bothered with the spinoffs, as the model of Arch makes them useless and more problematic to deal with.
I’ve got the Gentoo bug now. For the first time I genuinely feel ~/. A lean, mean system of machines :)
Pulled pork. And then I wonder why I don’t do it more often, and then remember that I prefer homemade one, and then I realise :::: spoiler ain’t nobody got time for that :( https://i.imgflip.com/1f0umb.jpg
I personally only run pihole and ublock origin. Pihole takes care of the most stuff, ublock picks up the leftovers where domain blocking is not good enough. I’d like to believe this saves some juice on battery powered devices, but I’ve never actually measured it nor noticed it.
I don’t know the specifics on Fedora’s installer, but normally that question is about disabling root account, not logging into a DE.
Not sure what else to elaborate here. There’s a bunch of code that is not tested to be run as root. A whole class of exploits becomes unavailable, if you stick to an unprivileged user.
Say there’s some exploit that allows some component of KDE to be used to read a file. If it’s running under an unprivileged user - it sucks. Everything in user’s homedir becomes fair game. But if it runs as root - it’s simply game over. Everything on the system is accessible. All config, all bad config, files of all applications (databases come to mind). Everything.
Launcher on android is just that - an app to launch other apps. Other apps can and do run in the background, without ever being explicitly launched. Think play services, location provider, wifi connection manager, etc. Since google runs its stuff at the highest level - nothing can hide from it. Other apps, like netflix, utilise internal telemetry. Assholes like facebook push the boundaries to the limit and collect literally every input of every sensor to have as much data about your environment as possible.
Is there anything else I should keep in mind for fstab if I want to, say, not keep track of my Downloads folder when snapshotting?
Just create a separate subvolume for it. Snapshots do not work recursively, so it will be left alone.
Mount options also only take effect on the first mount of the device. Since it looks like you only have 1 btrfs device - only / needs the options, really.