Kevin Cole kjcole at gri.gallaudet.edu
Mon Oct 24 12:28:00 CDT 2005


Colin Watson wrote:

> Not the Unix systems at the university I attended, to the best of my
> memory, with the probable exception of the heavily-locked-down mail
> host. On the teaching systems, it was more important to facilitate
> learning, including from each other (note that there are other ways to
> prevent plagiarism, and locking down home directories is no defence
> against that anyway); any abuse would be dealt with by the application
> of a ton of bricks, although I don't recall this particular aspect of
> the system ever being abused.
>
> Not the Unix systems at any of the businesses where I've worked, all of
> which used Unix extensively. (The odd person has set it up that way for
> their own home directory; my experience has been that this causes more
> irritation and lost productivity than anything else.)

I would argue again that it depends on the intended audience.  In both
university and business settings (at least in the US), the consequences
of hacking for those over 18 years of age are (in theory) more severe
than for juveniles.  That and the fact that at least some college students
have a bit more maturity and computer experience may be reasons for
considering a more open environment.

However, "a little knowledge is a dangerous thing" and I can think of
a few employees of Xerox Corp who might be able to attest to the dangers
of leaving their home directories unprotected. (Xerox offered our high
school an account on their mainframe... Fortunately, I was under 18, and
the statutes of limitations have long since run out. ;-) ) I still think
most new users would take privacy for granted, and would be shocked to
learn that things are more open than they'd expected.  People still don't
understand how their Windoze systems can be so vulnerable, and how their
identity was stolen.

While forcing users to "unlock the door" is a nuisance, the potential
consequence of leaving the door wide open is a disaster.  Should they
depend on permissions alone for security? No, but I guess what you see
as a big hammer doesn't seem all that large to me.

> There comes a point where if you make things too strict then in practice
> users will be so annoyed by the default security you've provided that
> they turn it off entirely, and you end up decreasing user convenience
> for little actual gain. I maintain that this is one of those situations,
> and that privacy issues should be addressed with a much smaller hammer.

You can only go so far to protect people who, when finding a door
that automatically locks, put a wad of gum in the latch so that it
doesn't close correctly.  I'd argue that they're the ones overreacting,
not the person who puts the locks in place.  At that point, when they
get in trouble because they've defeated the security, I can say "You
dug your own grave."

(Again, though, if your audience is savvy enough that everyone
knows what they're doing, then opening things up and making sure
that everyone understands the defaults is good enough.)

Maybe I've missed it in the thread.  What are you suggesting as
a smaller hammer?  You might change my mind...

   ____________________________________________________________

      [This message is digitally signed with the GNU Privacy
      Guard (GPG). See http://www.gnupg.org/ for more info.]
   ____________________________________________________________

-- 
 Kevin Cole                    |  Key ID: 0xE6F332C7
 Gallaudet University          |     WWW: http://gri.gallaudet.edu/~kjcole/
 Hall Memorial Bldg  S-419     |   V/TTY: (202) 651-5135
 Washington, D.C.  20002-3695  |     FAX: (202) 651-5746

 "Using vi is not a sin. It's a penance." -- St. IGNUcious, Church of Emacs