[H-GEN] Supporting Mozilla

Joe Skilton shnads at 3blokes.mine.nu
Sat Oct 18 04:41:31 EDT 2003 

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]


----- Original Message -----
From: "Trent WADDINGTON" <s337240 at student.uq.edu.au>

> I _really_ don't understand that attitude.  If your machine is being used
> as a single user machine then what is the point of having a seperate
> account for that single user?  Sure, the user can delete things that would
> be bad for them to do so, but that's always been the case with Windows and
> no-one seems to have a problem with that.

I do have a problem with that, which is why I chose Linux as my main OS. In
saying that even my Win2k Pro install that I do keep for 'compatibility'
reasons does not run as the 'administrator' user, which keeps the nausea I
get from using it down to a minimum.

> Is it because we fear what viruses or worms can do to the kernel or the
> standard linux base?  Just about any application that a user downloads and
> installs will have to be done as root anyways...

The main reason I do this is for security (if anything I run has an exploit
at least the intruder won't get root access), and also for the plain fact
that alot of Linux/Unix software will refuse to run under a root account.
(and no I don't think su'ing to root is alot of trouble when something needs
to be installed.)

> Ultimately, what we need for single user operating systems is to protect
> the user from untrusted applications.. that's a very hard thing to do and
> a completely different kettle of fish to protecting multiple users on the
> same machine from each other (which is what unix security is all about).

If I can stop these 'untrusted' applications from getting system wide access
by running them as a restricted user I would rather do so, at least it's a
start.

Correct me if i'm way off here, this is only my opinion.

Cheers,
        Joe Skilton

P.S, To answer the Lindows question that Rob asked, yes it's run as root to
allow the 'click and play' functionality to operate successfully.


--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/

More information about the General mailing list