The option to login as root to do administrative tasks is an integral part of GNU/Linux, why disable graphical interface access to root when command line support is still enabled? The same destructive behaviors of the graphical interface is available in the command line interface as well. Why are administrators now forced to dig for the ability to do their job, perform multiple tasks that if written in the command line would pose severe risks of typing errors and missing commands that may be more destructive to the system. Should the default for root access be disabled or enabled in gdm? To fix the two sided argument, why not put an option in the firstboot Setup Agent, a simple checkbox stating "enable graphical interface root access". This checkbox would then either comment out or leave the command auth required pam_succeed_if.so user != root quiet lines intact in the gdm and gdm-password files respectively.