On 02/05/18 18:05, Kamil Dudka wrote: > On Wednesday, May 2, 2018 4:34:51 PM CEST Stephen John Smoogen wrote: > <snip> >> This leads to the problem outlined in >> https://xkcd.com/1200/ where the user account is more precious than >> having root. > Wait. If you have full root access, you have automatically access to data > (and running sessions) of all users on that system. > > I think you are misreading the xkcd. It says that stealing a user sessions > is _almost_ as serious as having root access on that system. Still as root > you can do a superset of things compared to having a user session only. > > no, I'm afraid you're misunderstanding. if someone steals a laptop the live user session can be more valuable than the root password. with the live session you have access to everything the owner of the sesion is logged into. with the root password you have access to everything on the laptop. But you can't for example access his banking account .you need the banking account login details. -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
