On 11/02/2009 08:26 AM, Karel Volný wrote:
I'd suggest that anyone who sets up a system without any user
accounts _and_ somehow needs a GUI to configure the system
_and_ can't manage to figure out the settings to change so
they can login as root should probably not be pretending to
be a competent administrator.
I guess the last part is not correct - he *can* login as root,
but *can not* run Konqueror as root ... that's a difference
oh, and also the original post was not about installing without
ordinary user accounts
well, but this is not the point - the point is, that someone who
supposes he's smarter than the others just disables a possibility
for the others
please, stop protecting other people from themselves - if they
want to risk being hurt, just let them get hurt ...
I've got a usecase - what about using Konqueror to configure CUPS
what is the security difference between doing
$ su -
# konqueror localhost:631
and
$ konqueror localhost:631
<supply root password to konqueror when asked for>
?
in the first case, if the attacker gets in control of Konqueror,
he can do rm -rf / directly; in the latter, he can capture root
password ... which may (or may not) be more valuable
Are there not enough examples from Windows of why it's a
terrible idea to run with full administrator privileges --
especially software like web browsers?
I do not think that using Windows as an argument is worth here
and do not forget that Konqueror is also a file browser, not just
web browser (oh, does everyone really has to do "cd /etc; vi
someconfigfile" in the text console?)
K.
I went into root and deleted .kde and restarted and it fixed the problem
of running Konqueror in root,
But As far as user doing "kdesu konqueror" that still does not work.
I have to do su - and then run konqueror from terminal and the it comes up.
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list
