Re: Root privilege (SOLVED)

To: debian-user@lists.debian.org
Subject: Re: Root privilege (SOLVED)
From: Andrei Popescu <andreimpopescu@gmail.com>
Date: Thu, 11 Jan 2007 17:48:22 +0200
Message-id: <[🔎] 20070111174822.0bee94af@think.homenet>
In-reply-to: <[🔎] 20070111142944.GD16395@topoi.pooq.com>
References: <[🔎] 20070108053332.GB15852@santiago.connexer.com> <[🔎] 20070109195057.GB820@turki.gavron.org> <[🔎] 1168374065.2211.49.camel@boomerang.ran.sandia.gov> <20070109231731.GC820@turki.gavron.org> <[🔎] 20070109232805.GD820@turki.gavron.org> <[🔎] 20070109233701.GA25245@santiago.connexer.com> <[🔎] 20070110054221.GA12265@turki.gavron.org> <[🔎] lhrf74xcvc.ln2@ursa-major.ursine.ca> <[🔎] 20070110225218.GF12265@turki.gavron.org> <[🔎] 20070111100633.5206dbee@think.homenet> <[🔎] 20070111142944.GD16395@topoi.pooq.com>

On Thu, 11 Jan 2007 09:29:44 -0500
hendrik@topoi.pooq.com wrote:

> On Thu, Jan 11, 2007 at 10:06:33AM +0200, Andrei Popescu wrote:
> > On Wed, 10 Jan 2007 17:52:18 -0500
> > cga2000 <cga2000@optonline.net> wrote:
> > 
> > > Mind you, and this is not directly related to the above, I
> > > sometimes have this bizarre feeling that much of this awkwardness
> > > we have to deal with -- in X certainly .. but from the linux
> > > console as well, albeit to a lesser extent -- eventually boils
> > > down to the *NIX model not having been designed from the ground
> > > up with security in mind.
> > 
> > Huh?
> > 
> > > I just cannot see why you should need something extreme such as
> > > root access to install/maintain software.
> > 
> > And let users install any malware they get across on the internet
> > just because it popped up a window with "install me"?
> 
> I've longed for a distinction between packages that assume root 
> priveleges to run and those that do not.  The latter should be 
> installable by any user; the former should require root permission.

/sbin and /usr/sbin vs. /bin and /usr/bin ? Malware doesn't need root
privileges to do bad things.

> To a first approximation, one could distinguish them by the SUID bit
> on any of their executables.
> 
> Of course, there would have to be firther considerations -- the
> packages shoulld have to come from a trusted source, for one thing,
> and be free of conflicts with other packages users might be allowed
> to install.

This will never work. Users will *always* mess it up.

Regards,
Andrei
-- 
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)

Reply to:

References:
- Re: Root privilege (SOLVED)
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>
- Re: Root privilege (SOLVED)
  - From: "Casey T. Deccio" <casey@deccio.net>
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>
- Re: Root privilege (SOLVED)
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>
- Re: Root privilege (SOLVED)
  - From: Paul Johnson <baloo@ursine.ca>
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>
- Re: Root privilege (SOLVED)
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Root privilege (SOLVED)
  - From: hendrik@topoi.pooq.com

Prev by Date: Re: exim4
Next by Date: Re: Why and how to blacklist soundcard or networkcard modules?
Previous by thread: Re: Root privilege (SOLVED)
Next by thread: Re: Root privilege (SOLVED)
Index(es):
- Date
- Thread