On Thu, 11 Jan 2007 09:29:44 -0500 [EMAIL PROTECTED] wrote: > On Thu, Jan 11, 2007 at 10:06:33AM +0200, Andrei Popescu wrote: > > On Wed, 10 Jan 2007 17:52:18 -0500 > > cga2000 <[EMAIL PROTECTED]> wrote: > > > > > Mind you, and this is not directly related to the above, I > > > sometimes have this bizarre feeling that much of this awkwardness > > > we have to deal with -- in X certainly .. but from the linux > > > console as well, albeit to a lesser extent -- eventually boils > > > down to the *NIX model not having been designed from the ground > > > up with security in mind. > > > > Huh? > > > > > I just cannot see why you should need something extreme such as > > > root access to install/maintain software. > > > > And let users install any malware they get across on the internet > > just because it popped up a window with "install me"? > > I've longed for a distinction between packages that assume root > priveleges to run and those that do not. The latter should be > installable by any user; the former should require root permission.
/sbin and /usr/sbin vs. /bin and /usr/bin ? Malware doesn't need root privileges to do bad things. > To a first approximation, one could distinguish them by the SUID bit > on any of their executables. > > Of course, there would have to be firther considerations -- the > packages shoulld have to come from a trusted source, for one thing, > and be free of conflicts with other packages users might be allowed > to install. This will never work. Users will *always* mess it up. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
