Fred Silsbee wrote: > > You don't see it do you! What you are proposing would take a > massive intricate system to protect people from themselves. SELINUX > is already a super mess duplicating controls already in place and > adding to the CPU burden. > One thing you seem to be missing - this is not only to protect new user from doing something stupid before they learn, but also to protect the rest of us from stupid mistakes by others. Or would you like to see botnets of Linux machines to go with the Windows ones? I can just picture a newbee running as root, and running an older version of their web browser that has a known exploit, and getting something nasty installed. With the profit that can be made from compromised systems, it would be irresponsible to ship systems with insecure default settings. After all, we do not want to see Linux systems that are as insecure as Windows systems are by default. Running as root all the tine defeats most of the security of a Linux system. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Description: OpenPGP digital signature