On Fri, 26 May 2000, Stefan Siegel wrote:
> I am absolutely _AGAINST_ the idea shipping an ext2fs browser with "our"
> distro!!! You have a security concept in UNIX/Linux that not everybody has
> the right/possibility to see and modify files.
>
> NOONE has an interrested in introducing workarounds, except some stupid
> win$uck users or some viruses. Why should we deliver those groups (which I
> considder of same danger-level) the tools needet for their destructive
> tasks ...
For the same reason Mandrake supports dual boot systems. Some people are
not that concerned about security and are interested in doing things from
Windows. If Mandrake bothers to support dual boot systems at all, then
they've already committed to allowing users to create insecure systems.
Thus, it's no big deal to add a Windows ext2fs browser. This does not in
fact create any new security holes (this big gaping hole is already there
if you've created a dual boot system), although I admit it makes the
existing hole easier to use. In a sense, that's a good thing. I suspect
a lot of people don't realize what a huge security gaffe installing Windows
on your computer as well as Linux is -- this would make it more obvious.
You yourself made the mistake of characterizing this as "introducing a
workaround", when in fact no workaround is being introduced, an existing
one is simply being made easier to use.
It should also be noted that unless you've secured your system so it CAN'T
be booted from floppy or CD-ROM (or anything else), it's even easier to get
around file access rights. Insert "tomsrtbt" (or whatever your favorite
rescue distro is) and have at it. No computer is really secure from people
who have physical access to the machine.
