[ale] Sunday 05-22-05 6PM RUN-AS-ROOT CHALLENGE

Michael B. Trausch fd0man at gmail.com
Thu May 19 15:35:43 EDT 2005


Jim Popovitch wrote:
> 
> Listen folks, the issue of total resiliency is not what this RUN-AS-ROOT
> discussion is/was about.  A car could come through the wall and destroy
> the computer.  Lighting could strike the powerline, hail could melt and
> flood, the dog could chew..., the kid could put cheese in...., the mad
> wife could pour bleach, etc., etc., etc.,  yada yada yada.
> 
> What hasn't been shown is how running as non-root prevents the permanent
> LOSS OF DATA (the real value on a Desktop/laptop) any more so than
> running as root.  
> 
> Re-flashing the BIOS is minor to rebuilding past work.
> 

Riiiight.  Have an end user say that.  Smarter end users actually use
CD-RW and DVD +/- RW drives for something called "backing up their data."

Why?  They're used to losing it all the time to their operating system.
 Granted, this happens a little bit less since the widespread acceptance
(read: "push") of NTFS into the user market, however, it still happens.
 In-place reinstalls aren't perfect.  Things break, things fail.  And
the whole issue is that much of the problems that plague those systems
would be preventable if they weren't running as a god-like user all of
the time.

A regular user can't write to the operating system's protected areas, or
kill off utilities that are used by the system, or any of that type of
crap.  If people in general ran as regular users, they wouldn't need to
lose their stuff all of the time.  They might be forced to lose it when
the hard disk drive dies or something like that, but not becuase of a
vulnerability that they would otherwise not needed to try to work around
becuase they were running as a regular user.  You want to make the
entire argument about data, well there you go.  There are reasons that
running as root can help to demolish your data, and yet again, you will
overlook and ignore them, no?

	- Mike

-- 
Michael B. Trausch                               <fd0man at gmail.com>
Website: http://fd0man.chadeux.net/     Jabber: mtrausch at jabber.com
Phone: +1-(678)-522-7934              FAX (US Only): 1-866-806-4647
===================================================================
Do you have PGP or GPG?  Key at pgp.mit.edu, Please Encrypt E-Mail!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature




More information about the Ale mailing list