Hi Brandon,
(I encourage everyone to use meaningful subject lines)
I suspect the real reason was that it was the easiest and quickest thing
to do at the time, and allowed the developers to focus on more pressing
issues, like getting the rest of the system working.
I'm sure this will change in the future to a more secure system, and I
welcome all the ideas that have been suggested of what that might look
like. I'm pretty sure there is a wiki page where that's been started
already. If not, anyone is welcome to create one and to post these ideas
there.
Michael
Brandon Kruse wrote:
I cannot speak for them, but look at your market place.
Not secure servers but mobile telephony.
The phone is as secure as you make it, and they have faith in the
programs that are on there.
Heck you could even make a security package to lock it down a little for
those who want something extra.
Anyone else?
--------------------------------
Brandon
On Jan 10, 2008, at 4:30 PM, Denis <[EMAIL PROTECTED]> wrote:
So why did OpenMoko developers decided to run everything as root?
2008/1/11, Brandon Kruse <[EMAIL PROTECTED]>:
Good luck easily hacking over a GPRS connection. Make your password
longer than 6 characters, a ban after retry attempts, take it off port
22 and that will save 95% of attacks from script kiddies. (everything
I listed is controllable on sshd_config, I believe)
Just imho it helps, opinion and experience :)
But overall, I agree, but your privileges are only as safe as your
software.
(eg when you run a socket based process as root, you trust it.)
However, you make a good point :)
Kde and gnome take that precaution with gtk based Sudo when you login
as a normal user (at least in debian/ubuntu) and I like that method.
--------------------------------
Brandon
On Jan 10, 2008, at 3:43 PM, Denis <[EMAIL PROTECTED]> wrote:
But as far as I understand it's not secure, esp. for a device with
wi-fi, bluetooth, gprs and running ssh daemon! Linux gives us a great
power of user privilegies management but we waste it. Woldn't it be
better to run everything as an unprivileged user, or at least ask for
password at first run time?
_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community
_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community
_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community
_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community
_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community
