Page 3 of 36 FirstFirst 1234513 ... LastLast
Results 21 to 30 of 355

Thread: What is the deal with Linux and root/admin privileges in the modern era

  1. #21
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,851

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by flymail View Post
    To be consistent with this opinion, you would also have to acknowledge that mounting a USB device from the GUI (which requires no password) also constitutes a security violation since it requires root privileges if mounting from command line.
    I consider that something completely different. When a device is mounted for the end-user (and that is of course done by root), it is through a layer of checks and balances that assure that the device is mounted in a way that only that one user can access it. And it will give that user no additional power to change anything on the system.

    Installing system software is changing things on the system.
    Henk van Velden

  2. #22
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,851

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by vazhavandan View Post
    Not only that if you share your machine with family members , they might remove some software without your knowledge and you may need to reinstall.
    I consider "family members" being amongst my general category of "stupid users" (when they have a userid on the system). In fact I consider myself amonst the "stupid users" as long as I am not busy managing the system. Thus: no Apper.
    Henk van Velden

  3. #23
    Join Date
    Jun 2008
    Location
    UK
    Posts
    5,500

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by vazhavandan View Post
    Not only that if you share your machine with family members , they might remove some software without your knowledge and you may need to reinstall.
    Since when did Apper or "zypper up" gain the ability to remove software?

  4. #24

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by hcvv View Post
    I consider that something completely different. <SNIP>
    Mounting a USB device via GUI makes changes (that presumably includes mkdir, mount, and chown) outside ~/ which is how I would define making system changes. On this point we just have to disagree, since it becomes a trivial definition argument of what we mean by `making system changes' .

  5. #25
    Join Date
    Jun 2008
    Location
    UK
    Posts
    5,500

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by hcvv View Post
    I consider "family members" being amongst my general category of "stupid users" (when they have a userid on the system). In fact I consider myself amonst the "stupid users" as long as I am not busy managing the system. Thus: no Apper.
    Have you considered running an enterprise system at home, such as SLE. That could help to overcome any fears you may have about compromised security at home.

  6. #26
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,851

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by consused View Post
    Have you considered running an enterprise system at home, such as SLE. That could help to overcome any fears you may have about compromised security at home.
    My idea is that this can perfectly be done using openSUSE.
    Henk van Velden

  7. #27
    Join Date
    Jun 2008
    Location
    UK
    Posts
    5,500

    Default Re: What is the deal with Linux and root/admin privileges in the modern era

    Quote Originally Posted by hcvv View Post
    My idea is that this can perfectly be done using openSUSE.
    As do other users, especially many openSUSE users who don't need high security at home with or without your so-called "stupid GUI users". They can enjoy the convenient and reliable (so far) service provided by Apper, as I do.

  8. #28
    dd NNTP User

    Default Re: What is the deal with Linux and root/admin privileges in themodern era

    On 01/31/2013 11:56 AM, vazhavandan wrote:
    >
    > hcvv;2523429 Wrote:
    >> Security violation. I am glad I do not install Apper on any of the
    >> systems I manage. The idea that every stupid GUI user could install
    >> system software

    > Not only that if you share your machine with family members , they
    > might remove some software without your knowledge and you may need to
    > reinstall.


    are you saying you let family members use your machine as you, with your
    account's password?

    why would you ever do that?? don't you realize that "little sister" (or
    Aunt Tilly) could EASILY wipe out *all* of your email, music, photos,
    documents, doctoral thesis, not to mention change all of your desktop
    settings etc etc etc??

    really!! every user should have their _own_ account, /home and unique
    strong password..

    and, NONE of them should have either the root password OR be able to add
    or delete system software....so, if true that Apper does not require the
    root password then the System Administrator (you) need to permanently
    disable it in sister's account!

    i do NOT know what those Apper folks are thinking (or smoking)!

    --
    dd

  9. #29
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,851

    Default Re: What is the deal with Linux and root/admin privileges in themodern era

    Quote Originally Posted by dd View Post
    On 01/31/2013 11:56 AM, vazhavandan wrote:
    >
    > hcvv;2523429 Wrote:
    >> Security violation. I am glad I do not install Apper on any of the
    >> systems I manage. The idea that every stupid GUI user could install
    >> system software

    > Not only that if you share your machine with family members , they
    > might remove some software without your knowledge and you may need to
    > reinstall.


    are you saying you let family members use your machine as you, with your
    account's password?


    dd
    Of course not. That is the most stupid assumption one can make.
    Henk van Velden

  10. #30
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: What is the deal with Linux and root/admin privileges in themodern era

    On 2013-01-31 11:06, hcvv wrote:
    >
    > consused;2523304 Wrote:
    >> There has been a small but significant change on openSUSE 12.2 KDE. If
    >> you use Apper to install your system patches and updates, you don't need
    >> to enter root's password. By default it's configured to include enabled
    >> repos, and is equivalent to running "zypper up". It's described as a
    >> benefit on the openSUSE mailing list for KDE.

    > Security violation. I am glad I do not install Apper on any of the
    > systems I manage. The idea that every stupid GUI user could install
    > system software


    Not every user, just the user that root allowed to do it.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)

Page 3 of 36 FirstFirst 1234513 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •