-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stewart Stremler wrote:
> So they have someone to blame, and are happy! Isn't that why people buy proprietary software? :) >>Better than not running as root. > > HOW? I think we have had a number of explanations as to how. Only one of which you seemed to like. But you inferred that you are mainly playing devils advocate here and that you agree that you should not use your computer as root. So what are some of your reasons? I think there is also the argument to be made that nobody really runs a single user system anyway. Most households I know of have several users on their computers. Mom, dad, one or two kids, etc. I think most Lindows systems will be used in that way just like most of the Windows systems I see are used that way. I think perhaps we have allowed ourselves to be trolled with a red herring here. > In a single-user non-dual-boot system, how is not running as root > more secure than running as root? Getting even more specific! This situation is getting so rare that it is hardly worth arguing. > Sounds like a challenge. Invite him to do so. It would be amusing. He > doesn't even have to present -- just show up, put his machine on the Doesn't sound like a good idea. These sort of "hack me" challenges rarely prove anything. > We had someone hack the Corel rep? Whoops. That's nice of us. IIRC we almost did but the personal was an ethical soul (ie. not going to get anywhere in the world) and stopped short of causing any real damage and them politely pointed out exactly what the problem was so as to improve the system. > Point at SELinux and chanting "neener neener neener we're secure" does > not an argument make, either. I do not believe anyone has done this. Security discussions always devolve into arguing over semantics and absolutes. Since it is impossible to be "Secure" with a capital 'S' we must assume the convention that anytime someone implies security they mean "more secure" not perfect security. I think SE Linux does add more security. And so far with zero overhead as I have done all kinds of things to my laptop and never had to mess with it. > The argument seems to be _HOW_ is it less safe? But do you agree with the premise that it is less safe? We have offered a number of reasons how we think it is less safe. What are yours? > A lot of people confuse multi-user system constraints with single-user > system constraints. Feeling trolled, I posit that single-user systems are quite rare and that a distribution should be prepared to handle a multi-user system or it is failing the user. > With TWO users, the situation changes drastically. Losing just one > user's data is bad, but not as bad as losing the data for BOTH users. > So _system_ security becomes paramount. You protect the system so > that a compromise of one user does not affect the other user. Exactly. So, shall we proclaim that Linspire is not a multi-user system? If that is the case then that is a great argument against it I think. > It oughtn't. > > If it does, that's a separate issue, as it's no long a single-user > machine, but a server. Every host on the Internet should be capable of being a server. That is part of the utility of the net. Linspire users will inevitably want to run P2P file sharing apps at the very least. I think we have been arguing the wrong thing all along. > VMS-like or VMS-style, please. The constraint is that all changes must > be preserved, not just the N most recent ones. Actually, Zope Object DataBase does a pretty good job of this. All changes are preserved. This is one of the ways it provides atomicity. You do occasionally have to bite the bullet and repack the db losing changes though unless you have infinite disk space. >>>You don't get sharp arguments by cheering. You get 'em by applying >>>the whetstone of logic and contrarianess. >> >>Sometimes it's just annoying. > > > And crappy arguments aren't? > > I'm plenty annoyed. I've decided to be generous and share. I have to agree with Neil that taken too far it does get annoying. I think it's for Stewart to show us his cards. :) Where do you really stand on the issue? As an experienced Unix guy your opinion is valued. > Seriously, we have a 'so-and-so sucks because he says something we > don't agree with' and not a lot of sober analysis of the pros and cons > of his position. All-or-nothing reasoning is rarely reasonable, and > it's quite annoying. I am trying to provide sober analysis of the pros and cons. > Where, in this thread, have I recommended installing packages in $HOME? You seemed to indicate that if you are a developer you might want to install things in $HOME. Having a few personal binaries that only I use in ~/bin seems to have utility also. - -- Tracy R Reed http://[EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCZcT19PIYKZYVAq0RAtGLAJoDpd8KnemafwzCr/8F9VVI5eOzrQCfWKci hIvy7oUMl7ehwPDV5gi/vS4= =UCdL -----END PGP SIGNATURE----- -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
