>> assuming of course that the user hasn't broken the security by doing >something stupid. > >Again, this is a conversation about desktop security so I would assume the >user is eventually going to do something stupid. > >-Cameron > >...
You have to be more stupid on Linux than on Windows though. "Something stupid" on Windows would be clicking that popup window that says your computer is infected or plugging in that USB drive you found lying around. Worst case scenario on Linux with either of those is taht the user infects their own account. The password hash is still secure, as is their own password (since any password sniffer they caught would have to wait till after they log on to run). "Something stupid" on Linux would be intentionally setting up sudo to never require a password or keeping the root password in a text file accessible by everyone. Frankly anyone with the know how to configure sudo or with access to the root password should be smart enough not to do those kinds of things. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology-Michael-Dinowitz/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:320072 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
