Re: Various suggestions.



David Moles wrote:
> 
> Probably the ideal situation, from the user's point of view, would be a
> "paranoia" control panel that would let you select among these different
> levels or methods. (And, heck, novice users can always use UID 0 -- after
> all, they won't be in any worse shape than they were under Win9x! :> )

There's a good idea in there -- I'm not knocking it down completely --
but if a Unix/Linux user logs in as root (or equivalent), they are in
fact worse off than under Win9x.  

Why?  Win9x is not a very exploitable system.

Now I didn't say that Win9x was not easy to break into, but that, once
you break in, there's not much you can do.  The worst you can do is
swipe files and destroy data: script kiddie stuff.

If, on the other hand, you break into a Unix/Linux system, there's
almost no end to the havoc you can manage, simply because the OS is so
powerful.  You can use it as a platform for attacking other systems in
order to mask who is doing the attacking, you can set up illicit web and
FTP sites, etc.

That's why GNOME is trying to make it possible to do everything as a
regular user, as much as possible, yet still maintain security.

Let's also not forget that GNOME isn't limited to single-user boxes. 
Sure, maybe nine-tenths of all installed GNOME is on single-user Linux
boxes right now, but it's still worth shooting for the higher end of the
market.  Wouldn't it be great if, say, SCO tossed CDE and started
shipping GNOME as the default UI on UnixWare?  Or maybe Sun?  IBM?  They
won't do it if the only way to use GNOME sanely is to run it as UID 0.

As for your "paranoia" configuration item, I guess the best way to
implement it would be to have it set up special permission groups for
you.  It could, for example, set your shutdown binary to be SGID
"shutdown" and add specified users to that group for you.  That way,
it'd be in the user's hands to incrementally weaken their security.

The worst part about ideas like this is that you have to log out and
then back in to see the changes, since groups are set up on login, and
aren't re-checked as the user exercises those group privileges, at least
under Linux.
-- 
= Warren Young
= See the *ix pages: http://www.cyberport.com/~tangent/ix/
= ICBM Address: 36.8274040 N, 108.0204086 W, alt. 1714m
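
The SGID-group scheme and the re-login caveat from the message above, as an added example (not part of the original post and not GNOME code): given a setgid binary's mode and group, it reports whether a group grant is usable in the current session, only takes effect after the next login, or is absent. The function names are hypothetical, and it assumes the caller is not the file's owner and that "other" has no execute bit (for instance mode 2750).

```python
#!/usr/bin/env python3
"""Check whether an SGID-group grant is usable in the current login session."""
import grp
import os
import pwd
import stat
import sys


def configured_gids(user, primary_gid, group_db):
    """GIDs the group database grants `user`, i.e. what a fresh login would get.
    group_db: iterable of (name, gid, members) tuples."""
    return {primary_gid} | {gid for _, gid, members in group_db if user in members}


def group_exec_allowed(mode, file_gid, gids):
    """True if the file is setgid and group-executable and file_gid is in `gids`.
    Assumption: caller is not the owner and 'other' cannot execute (e.g. 2750)."""
    sgid_x = bool(mode & stat.S_ISGID) and bool(mode & stat.S_IXGRP)
    return sgid_x and file_gid in gids


def session_status(mode, file_gid, configured, live):
    """'usable', 'relogin-needed' (granted in the database but missing from
    this session's credentials), or 'not-granted'."""
    if group_exec_allowed(mode, file_gid, live):
        return "usable"
    if group_exec_allowed(mode, file_gid, configured):
        return "relogin-needed"
    return "not-granted"


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit(f"usage: {sys.argv[0]} /path/to/sgid-binary")
    st = os.stat(sys.argv[1])
    me = pwd.getpwuid(os.getuid())
    db = [(g.gr_name, g.gr_gid, g.gr_mem) for g in grp.getgrall()]
    configured = configured_gids(me.pw_name, me.pw_gid, db)
    # Supplementary groups are fixed when the session starts, not re-read later.
    live = set(os.getgroups()) | {os.getegid()}
    print(f"{sys.argv[1]}: mode {stat.S_IMODE(st.st_mode):04o}, gid {st.st_gid}")
    print("status:", session_status(st.st_mode, st.st_gid, configured, live))
```

Run it with the path of the setgid binary as the only argument; a "relogin-needed" result is the situation the last paragraph of the message describes.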


