On Fri, Nov 20, 2009 at 12:26 AM, Conrad Meyer <cemeyer@xxxxxxxxxxxxxxxx> wrote: > On the contrary. On the typical single user system, it's just as bad if an > attacker can steal / delete / modify the user's files as it is if the attacker > can modify / delete system files. Privilege escalation isn't needed to delete > everything the single user cares about. Not quite. For example, it's much easier to fix a system which has only had a user account compromised, since if you actually trust that its only the user account you can skip the full reinstall. This is also assuming a strictly single user system. With features like fast user switching it wouldn't be inadvisable or especially inconvenient to operate business and pleasure activities from separate accounts. I don't know anyone that does this today, but as it becomes easier to do so and if the systems don't continue to go down the route of giving the local accounts root access then it may be a practice which becomes common. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
