Hello, On Nov 3 15:14 Marcus Meissner wrote (excerpt):
On Tue, Nov 3, 2015 at 4:06 AM, Ludwig Nussel
wrote: Keep in mind that whoever's repo you add gets root access to your system.
... the library only runs as desktop user.
Installing the RPM however runs as "root".
So before we all trusted Adobe at the "user" level, and now we trust them at the "root" level.
I wonder if on an usual end-user system (i.e. on a system where the Adobe Flash Player normally is used) there is in practice a real difference when malware runs as "the user" versus when it runs as "root"? I think the real value on a computer is user data (like private data, in particular private secrets) and not system data like programs or config files because the latter can relatively easily be recreated (re-install from scratch if the system got corrupted). Perhaps when malware runs as the user it could be even worse than when malware runs as root because when malware runs as the user it might be even easier to steal private user data under certain circumstances? Kind Regards Johannes Meixner -- SUSE LINUX GmbH - GF: Felix Imendoerffer, Jane Smithard, Graham Norton - HRB 21284 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org