Re: root in FC 10

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



--- On Sat, 12/6/08, Robert L Cochran <cochranb@xxxxxxxxxxxxx> wrote:

> From: Robert L Cochran <cochranb@xxxxxxxxxxxxx>
> Subject: Re: root in FC 10
> To: "Community assistance, encouragement, and advice for using Fedora." <fedora-list@xxxxxxxxxx>
> Date: Saturday, December 6, 2008, 5:22 PM
> I'm please Fedora 10 ships with graphical root logins
> disabled by
> default. It is an excellent security step. I have a test
> system set up
> downstairs that I have been using quite a bit. For the
> first time I'm
> using SELinux in full enforcing mode and I'm not seeing
> terrible
> problems (at least not yet!)
> 
> If one also encrypts the hard drive, I think it is probably
> much safer
> and more secure to do ordinary things that save a lot of
> time like
> paying bills online.
> 
> Bob
> 
> 
> 
> Mikkel L. Ellertson wrote:
> > Fred Silsbee wrote:
> >   
> >> You don't see it do you! What you are
> proposing would take a
> >> massive intricate system to protect people from
> themselves. SELINUX
> >> is already a super mess duplicating controls
> already in place and
> >> adding to the CPU burden.
> >>
> >>     
> > One thing you seem to be missing - this is not only to
> protect new
> > user from doing something stupid before they learn,
> but also to
> > protect the rest of us from stupid mistakes by others.
> Or would you
> > like to see botnets of Linux machines to go with the
> Windows ones?
> >
> > I can just picture a newbee running as root, and
> running an older
> > version of their web browser that has a known exploit,
> and getting
> > something nasty installed.
> >
> > With the profit that can be made from compromised
> systems, it would
> > be irresponsible to ship systems with insecure default
> settings.
> > After all, we do not want to see Linux systems that
> are as insecure
> > as Windows systems are by default. Running as root all
> the tine
> > defeats most of the security of a Linux system.
> >
> > Mikkel
> >   
> 
> -- 
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe:
> https://www.redhat.com/mailman/listinfo/fedora-list
> Guidelines:
> http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

no sale! not at all!

Robert be careful...seriously...the irritable "top posting troll" is watching

he can't get a date and is looking for revenge


      

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux