On Thu, 25 Jan 2007, David Boles wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matthew Saltzman wrote:
On Thu, 25 Jan 2007, Les Mikesell wrote:
Craig White wrote:
Would know if Freespire has the same security flaw that Linspire has?
Everything by design in Linspire is run as 'root'. The GUI desktop. The
applications. The whole thing. Just like Windows does.
----
Like Ric & Gene
On a single-user computer there's not a whole lot of value in
preventing yourself from being able to destroy other user's
work - which is what you get from the effort of not having
admin privilages all the time.
Also some protection from accidentally destroying the rest of your
system, which seems a worthwhile tradeoff to me.
Also, if you really think there are security bugs lurking in the
programs you are running, wouldn't you prefer that they be
found and fixed instead of worked around, avoided, and allowed
to linger forever?
Well, sure, but I'm not volunteering to be the victim in the meantime.
Matthew,
I really doubt that you will win an argument about 'run as root' security
here. It sounds as though many have SElinux turned off because it is
inconvenient sometimes when it denies disk/file access that might be harmful,
as Windows does allow, to strange applications. Some even think SELinux is a
'spy thing' from the NSA all because of a supposed Windows problem mentioned
in the news dated 1999. One that had nothing to do with SELinux.
Yeah, I know. I usually try to sit on my hands when these things come up,
but I slipped off.
And while they are looking in the closet and under the bed for the bogeyman he
could be walking in the front door through an unlocked door. ;-)
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs