Re: Root in FC10

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





--- On Sun, 12/7/08, R. G. Newbury <newbury@xxxxxxxxxxxx> wrote:

> From: R. G. Newbury <newbury@xxxxxxxxxxxx>
> Subject: Re:  Root in FC10
> To: fedora-list@xxxxxxxxxx
> Date: Sunday, December 7, 2008, 12:50 AM
> > No - GUIs run as root are not as secure. A bug that
> would be caught
> > when running as a user may not be caught when running
> as root.
> 
> A "bug" or a permissions error. Please explain
> how a BUG could or would be treated differently depending on
> the user?
> 
> > The more code you have running as root, the greater
> the chance of
> > running into problems. 
> 
> This is illogical and not relevant to the point which you
> are attempting to make. The vast majority of user, including
> myself, do not write the code we run. And the exploit rate
> in code has nothing to do with the amount of code you have
> running. Lots of code is basically impervious to external
> exploit while being run, because it does not talk to or
> interact with the external world.
> 
> If you are referring to the underlying OS, it ALWAYS runs
> as whatever, often as root. A 'root' user
> doesn't to my understanding run 'more' code than
> a user does...and in any event, all of that code is still
> there to be exploited whichever user is running on top of it
> (if that code is capable of being exploited at all).
> 
> Then again, it is a lot easier to shoot
> > yourself in the foot running as root using the GUI.
> How may times
> > have we seen someone on the list that changed
> permissions, or
> > deleted the wrong file, and needs help to get the
> system running again.
> 
> THIS HAS NOTHING TO DO WITH SECURITY. You are just trying
> to play 'nanny'. The saying is: "To err is
> human". We are ALL human. Get over it and stop trying
> to tie people's hands just because you will not be there
> to hold them. AND this has nothing to do with logging in as
> root. Any user, who through ignorance or stupidity (or both)
> changes permissions or deletes the wrong file, is NOT
> interacting with "security" when he does those
> things. He is using the OS, which does *exactly* what he
> tells it to do, whether or not that is what he thought he
> wanted it to do. And the only PROPER response to that, after
> the fact, is to explain what he did (fix the ignorance bit:
> "ignorant" from "does not know") and
> hope that he remembers it (you cannot fix the stupid bit).
> Oh,  and say, Don't do that again.
> 
> Sorta like your mother probably did many times when you
> were a child. But it is time to stop playing parent to
> everyone.
> 
> Geoff
> 
> -- fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe:
> https://www.redhat.com/mailman/listinfo/fedora-list
> Guidelines:
> http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

well said!


      

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux