, 2005-04-27
Linspire's arguments to only run a desktop system as root has everything to do with privilege seperation, privilege escalation, and some design choices made along the way.
Expand all |
Post comment
|
Cleanliness next to Rootliness
, 2005-04-27 Linspire's arguments to only run a desktop system as root has everything to do with privilege seperation, privilege escalation, and some design choices made along the way.
Expand all |
Post comment
|
|
|
Privacy Statement |
Not quite. It's true that by breaching your defenses a bad guy will gain access to your data, and that's bad. But there are two sets of data not on your desktop that are equally important:
1. Your data elsewhere. E.g. in the bank. Which can be gotten at by installing key loggers etc. Which (usually) takes root access.
2. Someone elses data. For which your computer can be turned into an attack or distribution tool. Which (usually) takes root access. Not important to you? Well, not until they sue you for trying to hack them or the Feds bust down your door and arrest you for possessing and spreading child porn. "What FTP-server? I have no steenking FTP-server" - well, that's what *you* think.
So the problem is really of maintaining ownership of the computer instead of merely being the one paying the power bill for it.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/321/31762#31762