Destroying "only" your home directory (was Re: Newbie question on permissions)
daniel.carrera at zmsl.com
Sat Apr 1 22:42:44 UTC 2006
Matthew R. Dempsky wrote:
> This is something that has always bugged me: privelege separation
> between root and users is primarily desirable for system administrators
> of multi-user machines, not single-user machines.
I couldn't disagree more. Priviledge separation is crucial for decent
security even for a single-user machine whenever that machine is
connected to the internet. Lack of priviledge separation is the key
reason why Windows 9x is is the most insecure system around. This is why
Microsoft is trying to add priviledge separation to Windows (although
their imprelemtation is poor) and this is why Machintosh moved to a Unix
base in OS X.
> The system files on my laptop aren't of that much importance to me.
> Sure, it's an inconvenience to replace them, but that's no more
> difficult than installing in the first place.
No, you're missing the point. Most viruses don't just delete your system
files. The ones that do are easy to detect and just a minor
inconvenience. The nasty viruses are the ones that try to hide
themselves and run on the background. They might read your keystrokes as
you type your credit card number. They might turn your computer into a
zombie. They might send themselves to everyone in your addressbook.
These are the things that real viruses do, and these are things that
priviledge separation protects you against. A virus cannot install
itself, or read your keystrokes in Linux because those things require
> The files in my $HOME directory are precisely the ones I'm most
> concerned about losing due to malice.
How many viruses have you heard of that work by deleting your personal
You can protect your home files by making backups. Ubuntu has a simple
backup program (I think on the archives) that makes backups. Those
backups will require root access to delete.
/\/_/ A life? Sounds great!
\/_/ Do you know where I could download one?
More information about the ubuntu-users