On Tuesday 19 April 2005 02:00 pm, Andrew Lentvorski wrote:
> Ahh, security. That age old saw ...
>
> On Apr 19, 2005, at 12:56 PM, Gregory K. Ruiz-Ade wrote:
> > When you think about the real-world single-user computer case, I at
> > least come to these conclusions for security:
>
> <snipped some very nice security comments>
>
> Sadly, I agree with Robertson. Running as root and running as user
> presents no difference for a single user machine.
>
> First: Because the user is going to blindly type in their root
> password every time some program asks for it anyway.
>
> Second: Because most of the nasty things no longer require root
> breaks. Breaking a user account is good enough for most things; I'd
> be happy to be proved wrong, though.
>
> Want security? The only good way to be secure is to reload the image
> each time. This means that the distro ships on LiveCD or CloneableCD
> and rewrites every time it reboots. Thus, any "p0wnag3" gets undone
> on reboot. Data remains persistent, but nothing executable is
> allowed to be run until the system is online and checked. Every 6
> months you ship everybody a new DVD since they are so cheap to press.
>
> Basically, you would have to ship a distro that unpacks itself from
> DVD, gets the persistent info, and then checks the integrity of any
> downloaded software, invalidates anything that has been tampered
> with, and redownloads extant applications. The problem is that this
> will be slow. Maybe flash devices could fix this once they become
> cheap enough.
>
> -a

I have read cursorily about half of this thread. I can assure you of
one thing. Expecting to change the habits of users is a losing
proposition.

This suggestion by Alex is the only idea I have seen in this thread
(admittedly not studied in depth) that seems to have any real promise.

I wonder if the distro could be hooked to some hardware mechanism for
locking memory into a read only state after the load so that the core
system could be locked down.

Not pretending to have thought this through,

boblq

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
