Linspire security model
Posted Mar 25, 2005 1:54 UTC (Fri) by lakeland
Parent article: First Look at Linspire 5.0
The security model in Linspire is interesting. Comparing it to mac os x
though, I think apple hit the nail much more accurately. The key
difference is that by default apple makes you a user, and whenever you
want to do anything requiring root, apple brings up a pretty interface to
As a result, you are nicely protected all the time in osx from stupid
corruption. And when you do something such as installing an application,
you get asked for your password which is then cached for a while -- the
whole thing is extremely painless. Being told "permission denied" is
something you don't want to see -- it isn't hard to educate apple uses
that whenever they get asked for their password it is because they're
doing something that is changing the system and they should be careful.
The only reason I can imagine linspire being uncomfortable about this
approach is if they don't their ability to predict when root is required.
For example, if I save a file in osx, I don't get told: "Permission
Denied", I get asked for my password. To get that level of ease-of-use,
linspire would have to trap many system calls, perhaps through a SElinux
model, SRlinux perhaps? That might be more work than they're willing to
do at the moment.
to post comments)