Mailinglist Archive: opensuse (1728 mails)
| < Previous | Next > |
Re: [opensuse] Re: Carelessness busts Linux security
- From: Basil Chupin <blchupin@xxxxxxxxxxxx>
- Date: Fri, 11 Dec 2009 20:24:07 +1100
- Message-id: <4B220FB7.3030907@xxxxxxxxxxxx>
On 11/12/09 18:46, jdd-gmane wrote:
Have you understood what I am asking/questioning here?
Novell/openSUSE has pushed out the development of oS unto "the
community" - the "Build Service" - and any upgrades to the oS are
installed with zypper or YaST which ask for root privileges before being
implemented.
As far as I am aware Novell/openSUSE have no way of checking the
benevolence of what is produced in BS - except by user peer-review. And
by the time the review is made the damage to some system is done -- but
Linux keeps claiming, or at least not coming forward to dispel the
impression, that users hold that Linux is not vulnerable to security
breaches.
The only mantra I keep hearing is that only someone with root access can
do anything to a Linux system - but a while back, in this forum, there
was a statement which stated that permissions can be altered even if
they were within the user's home directory -- but this is where the
discussion stopped because noone wanted to carry on with this topic any
further.
However, if I am wrong then I would dearly love to hear from some
OFFICIAL in Novell/openSUSE - and not from - and I mean *no* offence
here in any form or shape - someone called "jdd-gmane" who comes from
"gmane.org" - whatever that may be.
BC
--
If you don't succeed you run the risk of failure.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Le 11/12/2009 07:56, Basil Chupin a écrit :Have you read and understood what was stated in that kubuntu forum posting?
The question raised in the kubuntu forum also did not attract a responseI don't really understand your concern.
from those offering kubuntu to its audience. The security question there
also remains unanswered - the same as here I have to say.
As long as (some) user can install things as root, they can install
malware. It's nearly impossible to have an heuristic detecting malware
before they do they (bad) job.
Fact is AFAIK such malware are very qhickly detected and removed when
they come and never spread the world (like shows the thread that was
quoted here)
what do you want more?
jdd
Have you understood what I am asking/questioning here?
Novell/openSUSE has pushed out the development of oS unto "the
community" - the "Build Service" - and any upgrades to the oS are
installed with zypper or YaST which ask for root privileges before being
implemented.
As far as I am aware Novell/openSUSE have no way of checking the
benevolence of what is produced in BS - except by user peer-review. And
by the time the review is made the damage to some system is done -- but
Linux keeps claiming, or at least not coming forward to dispel the
impression, that users hold that Linux is not vulnerable to security
breaches.
The only mantra I keep hearing is that only someone with root access can
do anything to a Linux system - but a while back, in this forum, there
was a statement which stated that permissions can be altered even if
they were within the user's home directory -- but this is where the
discussion stopped because noone wanted to carry on with this topic any
further.
However, if I am wrong then I would dearly love to hear from some
OFFICIAL in Novell/openSUSE - and not from - and I mean *no* offence
here in any form or shape - someone called "jdd-gmane" who comes from
"gmane.org" - whatever that may be.
BC
--
If you don't succeed you run the risk of failure.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |