On Sun, 2005-10-30 at 18:58 +0100, Bas Wijnen wrote: > On Sat, Oct 29, 2005 at 04:10:19AM +0200, Yoshinori K. Okuji wrote: > > On Friday 28 October 2005 07:10 pm, Jonathan Shapiro wrote: > > > It is a curious thing that people simultaneously want safety from the > > > admin > > > and help from them. Sometimes you have to pick one or the other. > > > > You are right. Fortunately or unfortunately, this is the truth. So I > > repeatedly claim that balancing is the key point in making decisions. > > Still, telling people "I am the owner of this computer, you can use it, and I > am not technically able to spy on you or change your things, except if you > give me your password" should be understandable for "normal" people. When > they know this, they will also know that asking the the owner to change their > data without remembering their password will result in a negative response. > They may not like that, but I think they consider it a good idea to be > protected from the sysadmin. And if they don't, nothing stops them from > installing a back door for him. That is, this can be realised on a per-user > basis. That sounds like a good idea to me. :-)
Indeed. There is nothing wrong with an "I trust my administrator" bit somewhere in the per-use profile information, as long as this bit cannot be altered by the administrator. The question will then come down to: which way should this bit be set by the account creation software? There is no one correct answer, and my personal preference in the absence of a correct answer is to configure for stronger privacy by default. By the way, there is an additional argument in favor of "default to privacy". The administrator can also say to law enforcement: "I had no technical means to restrict the actions of this user, and I therefore am not liable for them." This is why your phone company cannot be sued if you plan a murder over the phone. Configurability here is a liability (literally) as well as a benefit. shap _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
