[Off Topic] Re: Linux security

Jim Richardson warlock at eskimo.com
Fri May 5 07:05:16 UTC 2006 

On Fri, 2006-05-05 at 13:42 +0800, Michael Richter wrote:
> On 05/05/06, Jim Richardson <warlock at eskimo.com> wrote:
>         On Fri, 2006-05-05 at 07:09 +0800, Michael T. Richter wrote:
>         > On Thu, 2006-04-05 at 21:07 +0200, Alan McKinnon wrote:
>         > > If Daniel's family are getting 0wned, then either there is
>         a family
>         > > member that isn't following the rules and infecting
>         everyone else or 
>         > > there is a hole out there that he hasn't taken into
>         account.
>         >
>         > And I suspect the former.  Whenever I hear people say "but I
>         didn't do
>         > anything hazardous" -- and I mean 100% of the time -- a bit
>         of digging 
>         > finds that they practised unsafe computing.  And it often
>         only takes
>         > one moment of inattention.
>         >
>         
>         how does a moment's inattention of a non-root/admin user,
>         totally hose a
>         box to the extent of needing a rebuild?
> 
> Well, the first thing is that because of laziness, most Windows boxes
> have the users set up as adminitrators.  This is true, too, even under
> environments where there are supposedly trained staff who should know
> better.
> 

since a large number of MS-Windows apps pretty much require admin privs,
it's easier for people who have to use such apps, to simply run as
admin. However, you said "the first thing" which implies that there is a
second, at least. So how would someone running as a normal user (which
was the question I asked) infect their machine so badly to require a
rebuild? 

> My mother?  She's set up as a regular user.  She doesn't even have the
> password to the administrator account readily available.  It's
> available in an envelope should she find herself needing it -- like,
> say, when tech support people walk her through a procedure but she has
> never used it except under tightly-controlled circumstances.  My wife,
> similarly, has a user account, not an administrator account.  And for
> the same reasons.  She practices much more careless computing than I
> like to see (for starters she still downloads ActiveX controls from
> the annoying Chinese websites that put everything into plug-ins) but
> she still hasn't been hit by any malware.

As others have pointed out, one "clean" machine, doesn't really mean
much. Throw enough dice, and eventually, you see boxcars.

>  
> There is only user ignorance and administration laziness to blame for
> a Windows box that's not locked down.  Are you logging in as an
> administrator for day-to-day tasks? 

To be clear, I don't use MS-Windows. so *I* am doing nothing of the
sort. 

>  Then you're the reason you're getting hit with malware.  Do the same
> thing under UNIX systems (and people do this!) then make the following
> typo blunder:
> 
> cd /
> <enter a string of commands here and, in the process, forget where you
> are>
> rm -fR * .old
> 
> 
> What was that about "sane defaults" and "graceful error recovery" that
> someone else was blathering on about again?  There's not so much as a
> "are you sure you want to kill your system?"-style error message
> there.  The "sane default" is to trash your whole file system.  From a
> moment's inattention.
> 

I use Ubuntu, which as a sane default, doesn't really have a root user.
Not in that way.  Sudo does this job nicely. Can you shoot yourself in
the foot? yes, but it takes some effort, not just clicking on the wrong
button one a webpage somewhere. 

Linux is far from perfect, like most things. But it's a damn sight
closer to that goal than redmondware. 




-- 
Jim Richardson <warlock at eskimo.com>
Erisian Claw

More information about the ubuntu-users mailing list