> will tell you that having those kind of permissions systems when the
> INTRUDER has physical access to the device is next to pointless.

the om is connected via wlan or bluetooth -- thus allowing hacking into it (if it is not possible right now it will be some day). thus the user does not necessarily notice if there's an intruder. second: what ways are there to boot the om _without_ destroying all data? if you need to hack the password for the root account to be able to manipulate existing data, there's another fence to jump.

> What benefit does having things like OPKG SUID give us that having
> opkg run as root doesn't?

only opkg is run, not everything possible. logging in as root opens a world of ways to harm your data, either by accident or deliberately. exploiting suid requires a bug in the program suid'd.

> User "John" running sudo rm -rf /* is better than root running "rm -rf
> /*" because...?

see above. you can configure which commands/programs may be run with sudo. and user john is not every user -- a user able to run sudo needs to belong to a specific group, configurable as well.

> If you want security, unprivileged users must NOT
> EVER be able to run privileged commands.

see above.

> have various roles. This assumption doesn't exactly hold when the
> entire filesystem is small enough to be put in one's pocket.

the om represents a device more powerful than the computer linux was developed on. i am not sure i understand you correctly, but for me it sounds like you are saying user/group separation is meaningful for servers only (and only because physical access can be prevented), and for end user computers, laptops specifically, it is a waste. if so, you are pretty much alone with this understanding. what bothers me: as far as i understand, the vast majority of applications are ported from existing linux distributions or just recompiled -- so, why would one disable the user/group principle the apps obey on their native platform? ubuntu for one works rather well with that wheel/sudo way, and even on non-ubuntu systems users are able "to run a lot of root applications such as rdate, power off, opkg, etc." w/o being root all the time.

_______________________________________________
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community
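As an added example (not from the post or the Openmoko project), here is the group-restricted sudo setup the reply describes, written as a sudoers fragment for the commands the thread names (rdate, power off, opkg); the group name wheel, the log path and the binary paths are assumptions.

```sudoers
# Added example: "members of one group may run a short list of root
# commands", as argued in the reply above. Paths and group are assumptions.

# Start every elevated command from a clean environment and record it,
# so an audit shows who ran what (useful when checking for an intruder).
Defaults        env_reset
Defaults        logfile="/var/log/sudo.log"

# Name the few privileged actions the thread mentions. No shells, no
# editors, no generic file tools appear here.
Cmnd_Alias      OM_CLOCK = /usr/bin/rdate
Cmnd_Alias      OM_POWER = /sbin/poweroff, /sbin/reboot
Cmnd_Alias      OM_PKG   = /usr/bin/opkg

# Only members of "wheel" get any sudo rights at all, and only these
# commands as root. Anything else, "sudo rm -rf /*" included, is refused
# and logged.
%wheel  ALL = (root) OM_CLOCK, OM_POWER, OM_PKG

# Caveat for the defender: opkg runs package maintainer scripts as root,
# so OM_PKG is close to full root for whoever holds it. Keep that group
# small, or narrow the alias to a read-only subcommand such as
# "/usr/bin/opkg list-installed" and do installs as root explicitly.
```

Check the syntax with `visudo -c -f <file>` before installing the fragment, since a malformed sudoers locks everyone out of sudo.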