--- On Sat, 12/6/08, Robert L Cochran <cochranb@xxxxxxxxxxxxx> wrote: > From: Robert L Cochran <cochranb@xxxxxxxxxxxxx> > Subject: Re: root in FC 10 > To: "Community assistance, encouragement, and advice for using Fedora." <fedora-list@xxxxxxxxxx> > Date: Saturday, December 6, 2008, 5:22 PM > I'm please Fedora 10 ships with graphical root logins > disabled by > default. It is an excellent security step. I have a test > system set up > downstairs that I have been using quite a bit. For the > first time I'm > using SELinux in full enforcing mode and I'm not seeing > terrible > problems (at least not yet!) > > If one also encrypts the hard drive, I think it is probably > much safer > and more secure to do ordinary things that save a lot of > time like > paying bills online. > > Bob > > > > Mikkel L. Ellertson wrote: > > Fred Silsbee wrote: > > > >> You don't see it do you! What you are > proposing would take a > >> massive intricate system to protect people from > themselves. SELINUX > >> is already a super mess duplicating controls > already in place and > >> adding to the CPU burden. > >> > >> > > One thing you seem to be missing - this is not only to > protect new > > user from doing something stupid before they learn, > but also to > > protect the rest of us from stupid mistakes by others. > Or would you > > like to see botnets of Linux machines to go with the > Windows ones? > > > > I can just picture a newbee running as root, and > running an older > > version of their web browser that has a known exploit, > and getting > > something nasty installed. > > > > With the profit that can be made from compromised > systems, it would > > be irresponsible to ship systems with insecure default > settings. > > After all, we do not want to see Linux systems that > are as insecure > > as Windows systems are by default. Running as root all > the tine > > defeats most of the security of a Linux system. > > > > Mikkel > > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: > https://www.redhat.com/mailman/listinfo/fedora-list > Guidelines: > http://fedoraproject.org/wiki/Communicate/MailingListGuidelines no sale! not at all! Robert be careful...seriously...the irritable "top posting troll" is watching he can't get a date and is looking for revenge -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
