On 3/6/09, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote: > On Thu, 2009-03-05 at 23:33 -0700, Petrus de Calguarium wrote: >> it's my computer and I'm the only user, so password or not, I am BOTH >> me and root, anyway. >> >> Do you really think it matters? What could happen, aside from making >> me think a few nanoseconds longer before executing a command? > > Simple scenario: You view some webpage that exploits a weakness in your > web browser. With no way for it to get root access, all it can do is > mess up *YOUR* files. But with root access, it can do *anything*, > including silently install a rootkit. I'm not quite sure, but isn't it possible that even with just the privileges of an ordinary user it can install something that watches what that user is typing when (s)he's su-ing? (No, I'm not at all arguing for doing things as root!) Andras -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
