For many years, Linux's user account system has worked marvellously well for maintaining security. In the older days of Windows, users would run with administrator privileges all the time, never being aware when a program decided to trample all over critical system files. In contrast, pretty much every desktop Linux distro pops up a big password dialog box, saying that it needs special privileges to do a certain task - and making the user think for a moment.
However, I wonder if we can do more. As Linux spreads further into desktop territory, users are going to become increasingly blasé about password prompts. For instance, have a look at this:
This is an official tool supplied by default in Ubuntu 10.10 (which, admittedly, is still in development so this silly message may be simplified by the final release). But if we're writing a tutorial on this tool, and we tell users that it's OK to enter their password when given such a prompt, how will that shape their perception of these warnings? Will it become the norm to absent-mindedly tap in your password whenever a dialog box appears?
Perhaps the warnings need to be more specific. "This application requires DIRECT HARDWARE ACCESS which could crash your machine", for instance, or "This application WILL CHANGE YOUR STARTUP SCRIPTS, which may make your system fail to start". Some folks may think these messages are a bit extreme, and would scare newcomers - but isn't that the point? If they dissuade dabblers from doing anything too drastic, or at least make them phone the nearest Linux guru beforehand, then perhaps that's the best solution.
I'm just thinking here - what do you reckon, readers?