LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Linspire security model

Linspire security model

Posted Mar 25, 2005 1:54 UTC (Fri) by lakeland (subscriber, #1157)
Parent article: First Look at Linspire 5.0

The security model in Linspire is interesting. Comparing it to mac os x
though, I think apple hit the nail much more accurately. The key
difference is that by default apple makes you a user, and whenever you
want to do anything requiring root, apple brings up a pretty interface to
sudo.

As a result, you are nicely protected all the time in osx from stupid
corruption. And when you do something such as installing an application,
you get asked for your password which is then cached for a while -- the
whole thing is extremely painless. Being told "permission denied" is
something you don't want to see -- it isn't hard to educate apple uses
that whenever they get asked for their password it is because they're
doing something that is changing the system and they should be careful.

The only reason I can imagine linspire being uncomfortable about this
approach is if they don't their ability to predict when root is required.
For example, if I save a file in osx, I don't get told: "Permission
Denied", I get asked for my password. To get that level of ease-of-use,
linspire would have to trap many system calls, perhaps through a SElinux
model, SRlinux perhaps? That might be more work than they're willing to
do at the moment.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds