On Mon, Apr 21, 2014 at 6:17 AM, Orcan Ogetbil <oget.fedora@xxxxxxxxx> wrote: > On Sun, Apr 20, 2014 at 6:59 PM, drago01 <drago01@xxxxxxxxx> wrote: >> There is difference between a software developer, a sysadmin and a >> user that simply wants to share his music with his family. The latter >> should not have to learn about computer security to do it, > > Why not? Because for those people a computer is just a tool. > I lock my door every night before I go to sleep, because I learned > about home security. No you don't do it because "you learned about home security" (I do not know if you did or not this is not the point), but because it is common sense to do so. That is comparable to using a password which user do use. Also where do you draw a line? The user have to know what sockets and ports are? How computer networks generally work? Learn about subnets and routes? How process and file privileges work? Learn about file caps? SELinux labels and there meanings? Which requires understand what syscalls are and how they work. Learn and study the mathematics behind cryptography to chose the right algorithm? Understand how and why buffer, heap and integer overflows can affect there security? Which requires knowlegde of the underlying architecture (x86 / x86_64) along with how memory allocation works, how data is placed out on the stack / heap ... Learn how to modify or write a selinux policy to confine an untrusted application? [...] I did learn those things so did probably you and Harald but designing an operating system that requires deep technical understanding to be used is just a failure on our part. What seems easy and obvious to people on a *operating system development mailing list* is not for the general public (believe it or not that's a fact). And no that's not because people are stupid. They just have different professions and interests. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
