[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PackageKit policy: background and plans



On Fri, Nov 20, 2009 at 12:26 AM, Conrad Meyer <cemeyer u washington edu> wrote:
> On the contrary. On the typical single user system, it's just as bad if an
> attacker can steal / delete / modify the user's files as it is if the attacker
> can modify / delete system files. Privilege escalation isn't needed to delete
> everything the single user cares about.

Not quite.  For example, it's much easier to fix a system which has only had a
user account compromised, since if you actually trust that its only the user
account you can skip the full reinstall.

This is also assuming a strictly single user system. With features like fast
user switching it wouldn't be inadvisable or especially inconvenient to operate
business and pleasure activities from separate accounts. I don't know anyone
that does this today, but as it becomes easier to do so and if the systems don't
continue to go down the route of giving the local accounts root access then it
may be a practice which becomes common.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]