"Run everything as root, there's no big security issues here" is the biggest load of spit I've heard in a while. Ubuntu operates on a rootless security model, SELinux/grsecurity/RSBAC aim to establish roles so that root processes have limited scope, and Zones are like a chroot()^10. These things exist because quality preventative security measures are needed by default when 15 year-olds can download some code that will turn Grandma's machine into a digital weapon wielded against the rest of us. Oh, and good ol' Granny can change her wallpaper without being root in other distros, that functionality has been in KDE and GNOME for years. What happened to you Mr. MP3.com? Money changes people...

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/321/31667#31667