Well, it's not an easy question. I run as Administrator, but not as "root". Being in an admin group, but not running in a permanently authorized state, gives you a significant amount of additional security above and beyond an "admin" on Windows machines, for example.
The fact is, it's pretty trivial to write a Trojan, should that be what a malicious person wants to do. And -- since running as a non-admin, you'd still be able to authorize to install something malicious -- I'm not sure doing this would provide you with much additional security...
So: my suggestion is to always be careful/aware of what's going on. Clichéd, I know, but the social engineering tactics used to get people to install Trojans are relatively easy to see through if one's whole brain -- rather than just the reptile part -- is engaged...
__________________
--Dave Nanian
|