Re: Linux Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 02:39 07/09/2006, you wrote:

On Wed, 2006-09-06 at 19:49 -0500, Michael Yep wrote:
> Users should run as restricted users

When I was running Window NT, I did that, and it
worked great, but when I "upgraded" to XP I found
it was totally impossible to do anything and eventually
gave up trying and just made my "normal" user
an administrator.

I've got the same problem here (at work). Unfortunately like many others I have to use XP. Also unfortunately I need to use old software, which probably pre-dates windows 98. It works OK most of the time, but won't work at all in the "normal" user mode so I have to permanently work as an administrator.

The important difference is, I think, that until XP (in my experience which excludes NT) windows has always been totally insecure (which isn't saying that XP is totally secure) whilst Unix/Linux has always been secure by default. So applications for windows have traditionally been written to run in an insecure environment and generations of computer users don't have the first clue about security. Which as we've seen in recent years is a recipe for disaster.

So, if we the Linux community can manage to persuade computer users to switch from windows to Linux we've then got a problem with people who don't understand security. If they've always run windows in supervisor mode then they'll just run Linux as root user because they don't know or understand the reasons why that is A BAD THING.

It all boils down to education. If a Linux user can manage to turn a windows user away from the Dark Side then that's very good. But with that power comes responsibility - the responsibility to educate new users to run the operating system correctly and safely.

Would it be a good idea for FC to incorporate a "nag screen" that pops up with a security lecture if the system is logged in as root for longer than, say, 20 minutes at a time? Or is used to run desktop applications such as Open Office or The GIMP?

Dave F

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux