Ysgrifennodd Anders Johansson:
and if you run as root, this won't protect you at all
If you run as root, you deserve everything you get. It's folly and stupidity, and I certainly hope you're not suggesting this to any other newbies you're showing linux to.
In fairness, I don't think that was what this marginal troll was saying. The difficulty seems to me to be that his threat model is different from that of many of the rest of us. He is prepared to discount the fact that someone other than himself might access his Linux box without his knowledge and do evil things. He trusts all the people he lives with, and he trusts the locks on his doors and windows and, possibly, the burglar alarm. My threat model says that I have private stuff on my box and I don't want anyone but me accessing it. One way of ensuring that is by passwording my account. It seems to me to be so little trouble to do this, that I willingly do it - on the basis that all good security is based on the principle of security in depth (the more doors you have to get through, the harder the treasure is to steal). He's entitled to his opinion on his threat model, but I don't see why he should want to force it on the rest of us - especially when it is so easy to change an account from being passworded to having no password. I just don't see his problem. But that's just me. What do I know? Peter -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org