recovery from stupid error
skaller
skaller at users.sourceforge.net
Thu Jul 14 23:46:26 CDT 2005
On Thu, 2005-07-14 at 18:01 -0700, Judd Pickell wrote:
[]
Judd:
Security is not about absolutes. You cannot absolutely
prevent terrorists on public transport. But you can
remove the garbage bins from stations (done where I live,
and it is annoying). You can increase the number of guards
and spy cameras. You can introduce metal detectors. Etc etc.
None of these security measures *prevent* abuse of a system, but
maybe they help reduce the frequency of abuse.
In my case, on my Ubuntu box, I have given root a password
for security reasons. Why? As you point out it does not
prevent access to my computer.
But it does:
* require ME to type in a password to gain privileges
This is most important: it protects me from me
* require my FRIENDS to ask me to grant them that access if they
want it whilst playing around on my computer
This is important too: it protects my friends from
feeling guilty if they mess up. Some of them
even know my password .. the ones that would never
use it without my permission.
This protection is not absolute -- I managed to delete my
home directory... :)
But it is definitely a security measure to require
a secret password to gain access to privilege in the
normal environment my system is in: logged in with
the desktop running.
--
John Skaller <skaller at users dot sourceforge dot net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20050715/e0b457f1/attachment.pgp
More information about the ubuntu-devel
mailing list