On 02/15/2011 02:50 PM, Tim wrote: > Tim: >>> Running as some other user will still have the same ability to do bad >>> stuff as yourself could do. So I wouldn't call it an increased >>> "security" thing. > > Roberto Ragusa: >> You are right. That user has not lower permissions from a system >> point of view; it certainly has "lower permissions" to access >> personal data, so the "bigger security" is just in relation to >> personal data. > > But will it even achieve that? Much of what's /lost/ over the net is > through your web browser. So if you always browse as user 2, any breach > is likely to get all the stuff (user 2 did) that you were hoping to keep > safe. Maybe you are thinking to personal data with the meaning of cookie tracking, personal information and so on. I'm referring to personal files. For example, if my chat program is running as a special user, a potential remote vulnerability of the "read this file" kind will not be able to read my inbox or browser cookies or .bash_history or any other thing I have on the main user. On the contrary, a special "banking" account means there is a browser which is only used to connect to the bank. This means that there is never another window or tab executing dubious javascript while I'm using the bank. Add that for that account there are no Firefox extensions installed (which I could consider not entirely trustable), no Flash, Java, or PDF plugins. I usually create a specific user if I have to run closed source stuff. What I'm doing would probably be addressed by containers and sandboxes, but the Unix user model is well known and tested. Android is actually pushing this concept to "each app is a user" and things to be shared are shared by using group permissions. Very clean. -- Roberto Ragusa mail at robertoragusa.it -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
