I'm creating a remaster Ubuntu based distro meant to be ran live, with the primary purpose of running online. The idea is to protect the Linux, Windows and Mac installed OS's on the hard drive from getting a virus (Windows and Mac do not provide such a secure solution, this is where grandpa Unix can provide some security.) The users need a password manager for their online accounts. I've chosen KeePassX as the password manager and Firefox as the primary browser. I've decided against Firefox password manager because once opened, other processes can have unhindered access to all the passwords. KeePassX, although not as bad, seems to have a similar vulnerability in that processes with the same privileges would allow a clever hacker to make requests and gain other passwords locked in the safe.
I'm considering storing KeePassX in a root protected directory and changing it's permissions to only be launched by the root group.
My theory is that the database will be protected against non-root processes. Secondly, it can't be executed without a password. I'm not an expert, but this seems ideal for a first level of protection.
I'm getting flack from the Linux community that I shouldn't run things that are not designed to run as root. i could understand some concerns. If for instance KeePassX executed scripts that non-privileged users had read and write privileges to, it could be tricked into doing nasty things. I'm under the impression that if it's code does behave (keeping it's files in one directory that is root protected) everything will be fine.
Is the KeePassX design fit to run as root on a Live Linux Distro, where a user will be online accessing accounts that KeePassX will provide passwords for via a copy and paste mechanism?