Stewart Stremler wrote:
begin quoting JD Runyan as of Tue, Apr 19, 2005 at 09:39:35AM -0500:
2) root can read and write everything. root is the only user that can do this. If root is the only user, then attacks have access to everything
And? Why is this a concern?
-Stewart "It's all about the data. Everything else is replaceable." Stremler
People don't seem to recognize that the data is the reason the operating system, and more importantly, the file system, exist to begin with. And with a non-server machine, if the user's data is not of prime importance, then whose is?
Protecting data is my job. I recognize very well that data is important. There is only one effective way to protect data: have multiple independent copies of the data made from the master on a regular basis, and preferably in an automated manner. Email seems to be the most important kind of data. This can be protected by encouraging users to use IMAP instead of POP3. The other important things to most users are bookmarks and stored passwords. A lot of home users use their personal computers primarily for entertainment purposes. I would say that system availability is at least as important as a user's data integrity.
It's funny that some make such a fuss about maintaining the integrity of the OS even though most of them routinely upgrade their OS by nuking everything on the drive but /home! Maybe some apps, but apps can be recovered by reinstalling, which I usually do anyway, as by the time I'm ready for an upgrade most if not all my apps are out of date anyway.
Remember we are talking about non-technical users. They don't reinstall anything. If the integrity of the OS is not maintained, and their system becomes unusable, then data integrity be damned. In their mind the system is a POS. If those who serve the average home user fail to protect what they don't understand, then we are at fault for the problem. I will not accept that protecting their data is enough. The OS must be protected, such that loss of use of the computer is kept to a minimum.
Most users I know use their computers more for browsing the web, and email. Availability is more important to them than data integrity, because much of their data lives on the web. Some examples are bank information, remote access to work via Citrix or VPN. A word processor is just a way to get something to print nicely. My wife, for example, clicks on the no button almost every time she is asked if she wants to save a document upon closing OpenOffice. She just wanted to print the page with a pretty font, and a text editor wouldn't do that easily.
If backups are made simple, then most users will do so when prompted. Make the recovery process as easy, and when there is a problem, they will be impressed by how easily they were back up and running. Most users have come to accept that computers are machines, and they break. They are not happy when they lose things that are important to them in the process.
**********************************************************************
To simply choose protecting the user's data as the only important factor is simply tunnel vision. Protecting the system's availability, the user's data, and the system's data are important. I would gamble that those of us who are technical are more concerned with our data than the average user. We tend to rely on our computers more, since we know how to recover the OS if there is a problem. I think the most important step to protecting all of this is to make smart things easy, and dumb things hard. When I say dumb things, I mean anything that requires a certain level of competence to measure the risk, and then mitigate it. If it is hard, then the average user will usually solicit a little help, and the risks may be kept to a minimum.
**********************************************************************
--
"I didn't really say everything I said." --Yogi Berra
