I'm please Fedora 10 ships with graphical root logins disabled by default. It is an excellent security step. I have a test system set up downstairs that I have been using quite a bit. For the first time I'm using SELinux in full enforcing mode and I'm not seeing terrible problems (at least not yet!) If one also encrypts the hard drive, I think it is probably much safer and more secure to do ordinary things that save a lot of time like paying bills online. Bob Mikkel L. Ellertson wrote: > Fred Silsbee wrote: > >> You don't see it do you! What you are proposing would take a >> massive intricate system to protect people from themselves. SELINUX >> is already a super mess duplicating controls already in place and >> adding to the CPU burden. >> >> > One thing you seem to be missing - this is not only to protect new > user from doing something stupid before they learn, but also to > protect the rest of us from stupid mistakes by others. Or would you > like to see botnets of Linux machines to go with the Windows ones? > > I can just picture a newbee running as root, and running an older > version of their web browser that has a known exploit, and getting > something nasty installed. > > With the profit that can be made from compromised systems, it would > be irresponsible to ship systems with insecure default settings. > After all, we do not want to see Linux systems that are as insecure > as Windows systems are by default. Running as root all the tine > defeats most of the security of a Linux system. > > Mikkel > -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
