[ale] Linux Distributions

Michael B. Trausch fd0man at gmail.com
Wed May 18 03:08:23 EDT 2005


Jim Popovitch wrote:
> 
>>Just to set the record straight, I don't consider any of your posts in
>>this little conversation we're having as trolling.  However, the fact
>>that you would post a message to a LUG mailing list claiming that
>>running everything as root is perfectly safe is a little suspicious.
>>
> 
> But I never made that claim.  You are saying that I did, but I haven't.
> I have argued that not all systems are alike and therefore different
> policies apply, yes even 20 year old best practices.  I have only
> questioned the statements that say desktop linux systems must never be
> root-only.
> 

So what you're saying is that it's okay to have the mass population
running systems that are easier to control for the spread of malware?
It doesn't matter *what* operating system the mass at large runs, if
they're running as the most privileged user on the system that has the
rights to everything, including the system binaries, then anything that
happens can do anything and spread itself anywhere.

That's something that, should people switch operating systems to
something like Linux, they should take advantage of.  Having users
running good quality, free software, means nothing if you don't have
them taking advantage of the protections and capabilities that it has,
period.

People like you that say desktop Linux systems should be run as root,
aren't looking at the bigger picture, at all.  *THAT* is the fact, and
the fact that you'd disagree with that without thinking about what comes
out first, shows that while you may have intelligence, you certainly
could use it better.

The implications of users running as root are pretty bad, when you're
talking about you or myself.  If you're talking about an entire world,
then yes, the implications are even worse.  Linux systems will become
just as vunerable to attack and malware because of that.  Why?  Because
if you get that to be the mainstream thought, then developers will
eventually start to think it and develop software that requires it, all
of the time, and then what happens?  Users that don't want to run with
root, to use the protections that are available to them, cannot, if they
want to use the software that everyone else is using.  The mentalality
is something of a poison, which if you get the (stupid) mass public to
think, and then the (stupid) mass public uses the software, and then
(stupid) mass developers program for that aforementioned stupid mass
public, then you've got a problem.

Running as root, is bad.  Period.

	- Mike

-- 
Michael B. Trausch                               <fd0man at gmail.com>
Website: http://fd0man.chadeux.net/     Jabber: mtrausch at jabber.com
Phone: +1-(678)-522-7934              FAX (US Only): 1-866-806-4647
===================================================================
Do you have PGP or GPG?  Key at pgp.mit.edu, Please Encrypt E-Mail!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature




More information about the Ale mailing list