On Friday 20 November 2009 05:52:44 am Gregory Maxwell wrote: > On Fri, Nov 20, 2009 at 12:26 AM, Conrad Meyer <cemeyer@xxxxxxxxxxxxxxxx> wrote: > > On the contrary. On the typical single user system, it's just as bad if > > an attacker can steal / delete / modify the user's files as it is if the > > attacker can modify / delete system files. Privilege escalation isn't > > needed to delete everything the single user cares about. > > Not quite. For example, it's much easier to fix a system which has only > had a user account compromised, since if you actually trust that its only > the user account you can skip the full reinstall. > > This is also assuming a strictly single user system. With features like > fast user switching it wouldn't be inadvisable or especially inconvenient > to operate business and pleasure activities from separate accounts. I > don't know anyone that does this today, but as it becomes easier to do so > and if the systems don't continue to go down the route of giving the local > accounts root access then it may be a practice which becomes common. It's easier to fix the system, *if* you trust that only the user account has been compromised. However, to the user (and remember we're talking about single-user systems here), their data is much more important than system files. You can get system files back -- just reinstall. If data is lost / mangled / stolen, you can't get that data or privacy back. Yes, we're talking only about single user systems, let's not get off-track here. Regards, -- Conrad Meyer <cemeyer@xxxxxxxxxxxxxxxx> -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
