On 2015-11-03 17:46, Claudio Freire wrote:
On Tue, Nov 3, 2015 at 1:07 PM, Johannes Meixner <> wrote:
whereas something that runs as a user can only compromise the user.
My argument is that "only compromise the user" is in practice on an usual end-user system the worst case.
It's not the worst case. But it is probably quite disastrous anyway.
It depends. An attack that destroys the user data files is horrendous. If it destroys the system, it is simple to format and recover the system, even without having a backup. It just takes time. Of course, malware with root access could do anything. But if the machine turns into a bot sending spam mail, well... I know of many people that do not care at all about that issue. It bothers other people but not "the user", they say. No kidding! -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)