Vote for new Ubuntu Feature---Let's try it again --- and without getting all religious about it

Jeffrey F. Bloss jbloss at tampabay.rr.com
Fri Jan 12 01:40:38 UTC 2007


Derek Broughton wrote:

> Matthew Clarke wrote:
> 
> >> Nobody has yet explained to me what the problem is with simply
> >> using your brain for something besides keeping your skull from
> >> caving in, and thinking about what you're doing for the .32
> >> seconds it takes to realize you're opening something in read only
> >> mode.
> > 
> > This argument doesn't hold a lot of sway for me.  There are many
> > reasons why people (read: fallible human beings) will get into the
> > situation described by the OP that have nothing to with "being
> > dumb". For instance, being new to linux, being rushed, being tired,
> > etc
> 
> That's actually _exactly_ why Jeffrey's view is important - none of
> those are good reasons for letting someone bypass security.  Those
> are _exactly_ the reasons to enforce security, as they are the
> situations that lead to error. I just disagree that Chanchao's
> suggestion in any way bypassed security.

It undermines security by elevating privileges *after* an action has
been taken. A changed copy of a config file in memory for example
is only safe if you trust in the premise that some nefarious software
or a "bug" won't allow it to be saved. The safeguards afforded by
requiring users to authenticate prior to actually doing something are
there for the very same reasons you state above, and then some. Even in
the rare cases where it appears an application changes direction in mid
stream you'll see that no actual "work" has been done prior to that
password entry. Again the example of Update Manager, which reads system
state and available upgrades, but never even spawns a shell to download
those packages, let alone install them, without auth.

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
    grok!              Registered Linux user #402208
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070111/854be05e/attachment.pgp>


More information about the ubuntu-users mailing list