On Friday 08 February 2008 11:43, Wolfgang Woehl wrote:
James Knott:
If I run some malicious piece of software, the contents of my home directory may be at risk, along with other files I have write permissions for, but not much else.
There you are. Loosing /home/user/* would pretty much make any persons day except Captain Backup's.
Hardware failure is more likely to cause this than some nebulous security threat that you've dreamt up in your fearful and fertile imagination.
There is no widely-used mechanism in place that would prevent any application you run from opening network sockets, having rwx access to what you own including hardware etc. Not that most apps would need all these privileges.
Again, you're claiming that people run "any application." We do not. No one just grabs some code from an unknown, untrusted source and runs it. And reliable applications that we do all use every day are known to be reliable and come from trustworthy sources.
The mechanisms exist though, they're just not used widely: Various acccess control models (sandboxing, apparmor). There's a reason these exist.
They are bandaids and afterthoughts, unneeded by well written applications and unable to truly secure insecure ones.
Randall, Sloan, James: You know all this.
You don't know what I know. Clearly.
All of you mentioned sets of things people need to be careful about. Like strong passwords, updating, establishing trust between a user and the community he/she depends on, not being a fool etc.
None of this is fundamentally different from or any harder to teach and learn than "look both ways before crossing the street" or "don't take candy from strangers."
Right on. "I click anything because I'm on linux" just doesn't fit in.
You insist on grossly misrepresenting what Joe said. He said he will "click on" any URL in his browser without concern that the HTML he retrieves via the URL will harm his system or allow others' systems to be harmed..
So, again, and concluding as I seem to have said my share: Don't advocate carelessness. It's inherently dangerous in the long run. That's not much to ask is it?
No one has even once advocated carelessness here. You interpret a lack of undue fear and apprehension in using common Linux software to access the Internet to be carelessness. It is not.
Wolfgang
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org