[Off Topic] Re: Linux security

Florian Diesch diesch at spamfence.net
Fri May 5 22:34:12 UTC 2006 

"Michael Richter" <ttmrichter at gmail.com> wrote:

> On 05/05/06, Jim Richardson <warlock at eskimo.com> wrote:
>
>     On Fri, 2006-05-05 at 07:09 +0800, Michael T. Richter wrote:
>     > On Thu, 2006-04-05 at 21:07 +0200, Alan McKinnon wrote:
>     > > If Daniel's family are getting 0wned, then either there is a family
>     > > member that isn't following the rules and infecting everyone else or
>     > > there is a hole out there that he hasn't taken into account.
>     >
>     > And I suspect the former.  Whenever I hear people say "but I didn't do
>     > anything hazardous" -- and I mean 100% of the time -- a bit of digging
>     > finds that they practised unsafe computing.  And it often only takes
>     > one moment of inattention.
>     >
>
>     how does a moment's inattention of a non-root/admin user, totally hose a
>     box to the extent of needing a rebuild?
>
>
> Well, the first thing is that because of laziness, most Windows boxes have the
> users set up as adminitrators.  This is true, too, even under environments
> where there are supposedly trained staff who should know better.

The problem is that a lot of programs need admin privileges to work and
you don't have to create a non-admin account when installing windows.

> There is only user ignorance and administration laziness to blame for a Windows
> box that's not locked down.  Are you logging in as an administrator for
> day-to-day tasks?  Then you're the reason you're getting hit with malware.  Do
> the same thing under UNIX systems (and people do this!) then make the

Ubuntu tries really hard to make people not to work as root. Other
distributions often tell you at least that you should not work as root.


> following typo blunder:
>
> cd /
> <enter a string of commands here and, in the process, forget where you are>
> rm -fR * .old
>
> What was that about "sane defaults" and "graceful error recovery" that someone
> else was blathering on about again?  There's not so much as a "are you sure you
> want to kill your system?"-style error message there.  
> The "sane default" is to trash your whole file system.  From a
> moment's inattention.  

A root shell to work with command line programs is not exactly what
beginners a confronted with at most modern Linux distributions by
default.

Of course Linux let's trash you your whole file system if you really
want. But that's not what you have to care about  at your daily work.





   Florian
-- 
Emacs is both the hottest and the coolest editor of all.
[David Kastrup in  <85bquyk0y4.fsf at lola.goethe.zz>]

More information about the ubuntu-users mailing list