Les Mikesell wrote: > And meanwhile you are so much better off just deleting your own > files... I'm sure you'll be thrilled that the OS is still intact > and running after that happens. While I agree that this is a 'best > practices' thing and probably worthwhile in a multiuser scenario, > I'm not sure its worth the extra effort when the user you normally > run as has write access to everything that can't easily be > reinstalled anyway. One important benefit of running with limited privileges even on a single user system is that it thwarts attacks that aim to usurp system binaries and settings to further spread and damage other systems or to secretly steal your data without your knowledge. While it would suck to lose your files to an attack, it would suck even more to have the attack surreptitiously install a key-logger that stole all of your passwords while you surfed, or used your system to attack others. Running with the least privilege required to do your work makes plenty of sense even in a single user scenario. Just because it doesn't prevent the one attack you outlined doesn't make it useless. I also think that many folks overestimate how much extra effort is required to run as a non-root user. So you are asked for an admin password every so often if you're configuring your system. Big deal. If you spend all day every day configuring your system, then you should be savvy enough to use sudo from the command line or slick enough to run as root all the time and work out the kinks in those uncharted waters. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ====================================================================== Nothing in education is so astonishing as the amount of ignorance it accumulates in the form of inert facts. --Henry Brooks Adams
Attachment:
pgpM1BL9kehgP.pgp
Description: PGP signature