Destroying "only" your home directory (was Re: Newbie question on permissions)

Michael V. De Palatis mdepalatis at mail.utexas.edu
Sun Apr 2 00:40:22 UTC 2006


On Sat, Apr 01, 2006 at 04:29:19PM -0600, Matthew R. Dempsky wrote:
> On Sat, Apr 01, 2006 at 09:51:28PM +0100, Daniel Carrera wrote:
> > If someone writes a Linux virus (difficult) and you open it with an app 
> > running as root, or run it from a root terminal, it could destroy your 
> > entire system. Otherwise, the most it can destroy is your home.
> 
> This is something that has always bugged me: privilege separation 
> between root and users is primarily desirable for system administrators 
> of multi-user machines, not single-user machines.

Quite frankly, it's attitudes like these that make systems like
Windows so insecure. Ideally, if everything works, you rarely even
need enter the administrator password in order to change settings. So
why should it be such a big deal to have to those few times you need
to? It prevents you from getting screwed by accidentally running
`rm -rf /', for example.

> The system files on my laptop aren't of that much importance to me.  
> Sure, it's an inconvenience to replace them, but that's no more 
> difficult than installing in the first place.

But you still need them. If you're not touching them, where's the
problem?
 
> The files in my $HOME directory are precisely the ones I'm most 
> concerned about losing due to malice.

Certainly.



