Mailinglist Archive: opensuse-factory (602 mails)

[opensuse-factory] Re: [PLEASE SPEAK UP] Disabling legacy file systems by default?
  • From: Jim Henderson <hendersj@xxxxxxxxx>
  • Date: Mon, 11 Feb 2019 19:01:27 -0000 (UTC)
  • Message-id: <q3sgq7$5rv9$1@blaine.gmane.org>
On Mon, 11 Feb 2019 19:41:45 +0100, Liam Proven wrote:

> The *only* way to win over such people is to ensure that there are no
> problems in their path. That everything works as they expect.

The question is understanding the expectations.

Most people want secure systems that are easy to use.

Making the system as secure as possible by default and presenting options
to (for example) remove the blacklist entry when appropriate seems like
the right path forward to me.

Leaving insecure/exploitable filesystems available by default, to me,
seems like a really bad idea.

I mean, if we want to make sure there are no problems in their path,
let's remove usernames and passwords as well. Passwords are just an
obstacle to a good user experience, after all.

Maybe we should ship with Xorg permissions open to the world. Because if
I'm running an application remotely from another system, having to type
'xhost +' or to enable permissions is "too hard".

People who run dual-boot OS/2 and Linux aren't your typical "no-brain
users" (as some seem to think users are). Most who come to Linux are
interested in actually learning something about what they're using, in my
experience.

And as another subthread in this long discussion has already explored,
there are ways to make it simpler and to provide some hints about the
filesystems being blacklisted for those who actually need them.

I mean, we could remove *all* of the security subsystems. Let's turn off
the firewall by default, because if I'm running Spotify, syncing my local
files to my mobile devices is a royal PITA with the firewall turned on.
So let's disable it for everyone because of this one edge case - that
seems reasonable, no?

In fact, using sudo or su to change to root is a PITA as well - it's an
obstacle that a lot of people don't like. Let's get rid of the user
model entirely and just run everything as root. Because it's a
convenience thing. Who cares if the system isn't secure that way or the
user can shoot themselves in the foot easily? Convenience is the most
important thing, after all - and if we run everything as root, then the
user is never going to be dealing with an "access denied" situation that
they might have to troubleshoot.

*That's* the problem with the approach of saying "well, it's not a big
filesystem, so it doesn't matter" - it's a default behaviour that affects
everyone, and it's a bad default behaviour because it makes systems less
secure for the benefit of a few, just like disabling the firewall by
default would.

Jim
--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits
