[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Root in FC10



R. G. Newbury wrote:
> That's my point. You are adding the job of nanny under the guise of
> security. That is NOT security.

Boy, this is getting old.

If you run as root, any bug that allows for remote code execution is
an immediate root compromise, with no need for any privilege
escalation.  If you run as a normal user, such security bugs do not
lead directly to a root compromise.  Adding SELinux to the mix further
decreases the chances that such an exploit will lead to a root
compromise.

If you want to run in an insecure manner, change the default and get
on with your day.  Repeatedly saying that it has nothing to do with
security will not make it any less true.

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In the beginning the Universe was created. This has made a lot of
people very angry and has been widely regarded as a bad move.
    -- Douglas Adams

Attachment: pgpNez5yabsV8.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]