Les Mikesell wrote: > Why install a multiuser OS if only one user will ever use > it? The fundamental architecture of a system designed for multi-user usage provides for enhanced control of the system by its administrators and, most likely, much tighter security of the applications and the users' limitations. One of the fundamental things about GNU/Linux and other Unix-like systems is that the user does not run with administrative privileges on a day-to-day basis. This in itself is one of the biggest aspects of security: Generally speaking, the most damage that a user could do is destroy their own home directory. Things like SELinux and other MAC (Mandatory Access Control) systems now make the superuser (root) in many cases no more privileged than a normal user, which helps a lot since there may likely be security holes that could give a user root-level access to the system. (If I recall correctly, there are actually a few locked-down SELinux boxes setup with various distributions by the NSA and various volunteers where you are *given* the root password, and your goal is to actually damage the system in some way as to bypass its control. How's that for secure? ^_^) -- Peter Gordon (codergeek42) GnuPG Public Key ID: 0xFFC19479 / Fingerprint: DD68 A414 56BD 6368 D957 9666 4268 CB7A FFC1 9479
Attachment:
signature.asc
Description: OpenPGP digital signature