On Sat, 2008-12-06 at 19:34 -0500, R. G. Newbury wrote: > Mikkel L. Ellertson wrote: > > >After all, we do not want to see Linux systems that are as insecure > >as Windows systems are by default. Running as root all the tine > >defeats most of the security of a Linux system. > > >Mikkel > > Well how *exactly* does running *as root* defeat *most* of the security > of a linux system. Sorry but that is BS. > Virtually any exploitable point allows an escalation by way of further > exploit. If and only if, it is possible to ensure (to 100%) that no > exploit can be escalated to provide root level privileges, is it > reasonable and logical to claim that not using root, is "safer" than > using root. It has never been explained to my satisfaction how the > supposed 'sandbox' of being user in fact adds any extra security to the > computer. Becuase it is not just a "sandbox", but a permissions thing. Processes a user can start don't have write access to the global system. Processes started from a root account do. Someone will no doubt say that this can be overridden, but it is more difficult than just having an open invitation to the entire system file structure as you do when root. Regards, Les H -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
