User: Password:
|
|
Subscribe / Log in / New account

Exploring options for the openSUSE security policy

Exploring options for the openSUSE security policy

Posted May 25, 2012 15:17 UTC (Fri) by nybble41 (subscriber, #55106)
In reply to: Exploring options for the openSUSE security policy by dps
Parent article: Exploring options for the openSUSE security policy

> You don't need root access even if you are installing programs like wireshark, scsi_id, etc. You might need root privileges to actually *use* some of these programs because they use features which are too dangerous to be given to ordinary mortals.

It's still a really good idea to install them as root, however, since the alternative is running programs as root which are writable a non-root user, which is a major security hole. Even if that non-root user is just you, it opens up the possibility of a local privilege escalation by malware running in your unprivileged account.


(Log in to post comments)

Exploring options for the openSUSE security policy

Posted May 30, 2012 14:34 UTC (Wed) by job (guest, #670) [Link]

For a truly personal computer however, there is no such thing as privilege escalation. All the stuff I care about are accessible from my account. There is nothing useful to an attacker outside my account.

The security model for this use case is clearly very different from a server with several daemons running, or even remotely logged in users.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds