Destroying "only" your home directory (was Re: Newbie question on permissions)

Michael T. Richter ttmrichter at gmail.com
Mon Apr 3 03:08:04 UTC 2006


On Sat, 2006-01-04 at 16:29 -0600, Matthew R. Dempsky wrote:

> > If someone writes a Linux virus (difficult) and you open it with an app 
> > running as root, or run it from a root terminal, it could destroy your 
> > entire system. Otherwise, the most it can destroy is your home.
> 
> This is something that has always bugged me: privelege separation 
> between root and users is primarily desirable for system administrators 
> of multi-user machines, not single-user machines.
> 
> The system files on my laptop aren't of that much importance to me.  
> Sure, it's an inconvenience to replace them, but that's no more 
> difficult than installing in the first place.
> 
> The files in my $HOME directory are precisely the ones I'm most 
> concerned about losing due to malice.



I fear you're running into a clash of cultures here.  The whole UNIX
mindset is centred on multi-user systems.  Apparently the fact that
multi-user systems are the exception these days, not the norm, has
escaped them.

The UNIX (and better) styles of multi-user security are fine for things
like servers.  Indeed they're necessary.  For desktop machines, however,
as you so aptly pointed out, the UNIX way of doing things is exactly
ass-backwards.  The stuff that's semi-trivial to replace (re-install or
re-download) is protected at all costs and the stuff that's
irreplaceable is given no thought whatsoever.

If there were a decent backup application available a lot of this could
be ameliorated.  Sadly, however, the backup software that's out there
for UNIX and workalikes is about as user hostile as you can get.
--
Michael T. Richter
Email: ttmrichter at gmail.com, mtr1966 at hotpop.com
MSN: ttmrichter at hotmail.com, mtr1966 at hotmail.com; YIM:
michael_richter_1966; AIM: YanJiahua1966; ICQ: 241960658; Jabber:
mtr1966 at jabber.cn

"My paramount object in this struggle is to save the Union, and is not
either to save or to destroy slavery." --Abraham Lincoln
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060403/d7751c6d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060403/d7751c6d/attachment.pgp>


More information about the ubuntu-users mailing list