[Off Topic] Re: Linux security
Daniel Carrera
daniel.carrera at zmsl.com
Fri May 5 09:43:17 UTC 2006
Adriano Varoli Piazza wrote:
> rm -i doesn't save you from -fr.
Indeed. That's actually why I think that aliasing rm to 'rm -i' is a
*bad* idea because it trains the user to then add -f to make the stupid
thing work. Instead I prefer to make 'rm' just 'rm' and set important
files to read-only. Then, when I 'rm important_file' I get an error but
when I 'rm unimportant_file' I don't. And most of the files I remove are
files I meant to remove, so I only see the error in the few cases where
it's a mistake.
Besides, I also have daily backups. So even if I delete an important
file (I did last month) I can recover immediately.
> I'll go out on a limb, though, and say that if
> you're running as root, don't know in which dir you're working, and
> use rm -rf when graphical desktops with trashcans are there to help
> you, you deserve it.
This is actually a good example of sane defaults. The path of least
resistance for the user is also the safer one. That's how computers
should be. Contrast with Windows where using the computer securely
requires additional effort and conscious action (e.g. creating a new
user, figuring out what to do about applications that demand admin access).
> I frankly don't agree with people that insist that _every_ part of the
> unix system should be user-friendly.
Strategic user-UNfriendliness can be a good security feature. Like in
the example you gave. It helps gear the user in the correct path. It
helps address the human factor (which is often the weak point in your
security model).
Cheers,
Daniel.
--
/\/`) http://opendocumentfellowship.org
/\/_/
/\/_/ ...and starting today, all passwords must
\/_/ contain letters, numbers, doodles, sign
/ language and squirrel noises.
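
An added example, not part of the original message: a shell sketch of when a read-only permission bit stops a plain 'rm' and when it does not, run in a throwaway temp directory. The function names are made up for this example and 'important_file' is a constructed sample file; it assumes a POSIX 'rm' and 'mktemp -d'.

```shell
#!/bin/sh
# Added example: how far read-only permissions protect a file from plain `rm`.

# outcome_of_rm FILE: run plain `rm` with stdin detached from the terminal
# (as in scripts, cron jobs and pipes) and report whether FILE survived.
outcome_of_rm() {
    rm "$1" </dev/null 2>/dev/null || true
    if [ -e "$1" ]; then echo kept; else echo deleted; fi
}

# Case 1: only the file is read-only; its directory is still writable.
# POSIX rm asks about a write-protected file only when stdin is a terminal,
# so a non-interactive rm removes it without any prompt.
case_file_readonly() {
    d=$(mktemp -d) || return 1
    echo data > "$d/important_file"
    chmod a-w "$d/important_file"
    outcome_of_rm "$d/important_file"
    rm -rf "$d"
}

# Case 2: the containing directory is read-only. Removing a name needs write
# permission on the directory, so rm fails for an ordinary user. A user who
# bypasses permission bits (root) still deletes the file.
case_dir_readonly() {
    d=$(mktemp -d) || return 1
    echo data > "$d/important_file"
    chmod a-w "$d"
    outcome_of_rm "$d/important_file"
    chmod u+w "$d"      # restore write access so the temp dir can be cleaned up
    rm -rf "$d"
}

echo "file read-only, non-interactive rm: $(case_file_readonly)"
echo "dir  read-only, non-interactive rm: $(case_dir_readonly)"
```

On an interactive terminal, case 1 instead stops at rm's write-protected-file prompt, which is the guard that 'rm -f' silences.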