| |||||||||||||
Storm worm gains strengthStorm worm gains strengthPosted Aug 30, 2007 19:24 UTC (Thu) by oak (subscriber, #2786)In reply to: Storm worm gains strength by IkeTo Parent article: Storm worm gains strength
> that program is under a sandbox that never include more than the
So you would be only securing the system, not what user has? (user doesn't
> And people frequently see packages floating on the web, and many claims
And currently Ubuntu is educating users with its sudo system that whenever
Security by obscurity... "our system is more secure because it doesn't
(Log in to post comments)
Storm worm gains strength Posted Sep 1, 2007 8:42 UTC (Sat) by IkeTo (subscriber, #2122) [Link] > So you would be only securing the system, not what user has? (user doesn't> care about "system", they care about their own data, the data to which > they have access)
Then they should. If the system itself is not secure, we don't have a basis to talk about data security. If the system is compromised, you can trust the system to recover from neither the system nor its data. If only user data is damaged you can still trust the system. Also, since distributions like Ubuntu enpower users without much previous Unix experience or knowledge to install a Linux based system, it means they are in charge of the system, so there is no "system administrator" but themselves to keep the system in a secure shape. But how distributions can make sure their users are capable to do so? The answer needs to be: By making it simple enough. Of course the user *also* care about data security. That is very much the same argument, albeit much more difficult to provide without very much education.
> And currently Ubuntu is educating users with its sudo system that whenever
I actually do not use a Ubuntu system regularly, I have installed one and used it for less than a week. So I don't perfectly know the security implications, even though I read a lot about it. On the other hand, popping up the password dialog is no longer unique to Ubuntu. Fedora does the same. The only difference is that they prompt for the root password rather than your own password.
So Fedora is more secure *because* it prompts for the root password instead of the user password? When a Fedora (or even Debian!) system asks for a user password? What is the difference that the system trains the user to distinguish? The answer: a Fedora user prompts for the user password only for (1) login, and (2) change user password. The system thus trains the user to distinguish system access and login/password changing. What a good deal... even the worst naive idiot can distinguish them! Bottom line, if a home user using Ubuntu can be tricked to type his own password and install a malicious .deb package, the same user having switched to Fedora can be tricked to type the root password to install an equivalent malicious .rpm package.
My belief is that the system design should distinguish two types of activities that the user can be expected to do: (1) those that the users are expected to do from time to time and are easy to do, and (2) those that are hard enough to do that the user will never do casually. (1) should be safe enough that the action cannot jeapodize the system at all; and (2) should be rare enough that a casual user need not use them at all. Since Ubuntu (Debian, Fedora, whatever) is a system that allows third party packages, and their target is to make it easy, it is in class (1), so it means they should be rock solid. This is perhaps a big dream, but having a dream is better than having no dream.
|
|||||||||||||