Ahh, security.  That age-old saw ...

On Apr 19, 2005, at 12:56 PM, Gregory K. Ruiz-Ade wrote:

> When you think about the real-world single-user computer case, I at least
> come to these conclusions for security:

<snipped some very nice security comments>

Sadly, I agree with Robertson. Running as root and running as user present no difference for a single-user machine.

First: Because the user is going to blindly type in their root password every time some program asks for it anyway.

Second: Because most of the nasty things no longer require root breaks. Breaking a user account is good enough for most things; I'd be happy to be proved wrong, though.

Want security? The only good way to be secure is to reload the image each time. This means that the distro ships on LiveCD or CloneableCD and rewrites every time it reboots. Thus, any "p0wnag3" gets undone on reboot. Data remains persistent, but nothing executable is allowed to be run until the system is online and checked. Every 6 months you ship everybody a new DVD since they are so cheap to press.

Basically, you would have to ship a distro that unpacks itself from DVD, gets the persistent info, and then checks the integrity of any downloaded software, invalidates anything that has been tampered with, and redownloads extant applications. The problem is that this will be slow. Maybe flash devices could fix this once they become cheap enough.

-a

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
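The integrity check sketched in the message above (verify everything that was downloaded onto the persistent store, and refuse to run anything tampered with or unlisted) can be demonstrated with a small manifest-based verifier. The following is an added illustration, not code from the poster or from any distro mentioned in the thread; the manifest format (relative path to SHA-256 digest), the sample file tree, the simulated tampering and the "quarantine by chmod 000 plus rename" policy are all constructed assumptions for the example.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed sample "downloaded software" tree; in the design described in the
# message the digests would be recorded when the tree is known to be clean.
SAMPLE_FILES = {
    "bin/hello.sh": b"#!/bin/sh\necho hello\n",
    "bin/update.sh": b"#!/bin/sh\necho updating\n",
    "lib/helper.py": b"def helper():\n    return 42\n",
}


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def write_sample_tree(root: Path) -> None:
    for rel, data in SAMPLE_FILES.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(data)


def build_manifest(root: Path) -> dict:
    """Record the digest of every regular file under root, keyed by relative POSIX path."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_manifest(root: Path, manifest: dict) -> dict:
    """Classify each path as ok / tampered / missing, and flag files the manifest never listed."""
    report = {}
    for rel, expected in manifest.items():
        p = root / rel
        if not p.is_file():
            report[rel] = "missing"
        elif sha256_file(p) != expected:
            report[rel] = "tampered"
        else:
            report[rel] = "ok"
    for p in root.rglob("*"):
        if p.is_file():
            rel = p.relative_to(root).as_posix()
            if rel not in manifest:
                report[rel] = "unlisted"
    return report


def quarantine(root: Path, report: dict) -> list:
    """Invalidate anything tampered or unlisted: strip all permission bits and rename it aside."""
    moved = []
    for rel, status in report.items():
        if status in ("tampered", "unlisted"):
            p = root / rel
            p.chmod(0o000)
            p.rename(p.with_name(p.name + ".quarantined"))
            moved.append(rel)
    return sorted(moved)


def demo() -> dict:
    """Build a clean tree, take its manifest, simulate drift, then verify and quarantine."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        write_sample_tree(root)
        manifest = build_manifest(root)  # taken while the tree is trusted
        # Constructed post-manifest changes: one modified file, one deleted, one added.
        (root / "bin/update.sh").write_bytes(b"#!/bin/sh\necho tampered\n")
        (root / "lib/helper.py").unlink()
        (root / "bin/dropped.sh").write_bytes(b"#!/bin/sh\necho unlisted\n")
        report = verify_manifest(root, manifest)
        return {"report": report, "quarantined": quarantine(root, report)}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

In the boot-from-read-only-media design the message proposes, `build_manifest` would run once when the image is pressed, and `verify_manifest` plus `quarantine` would run on every boot before anything on the persistent store is allowed to execute; a "missing" entry is the cue to re-download that application, while "tampered" and "unlisted" are what the reload-on-reboot approach is meant to undo.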
