On Wed, 3 Jul 2002 18:51:37 -0400, "D. Olson" <[EMAIL PROTECTED]> wrote:
> > I'm with you though, in not liking the lindows idea. I've never used it,
> > but I keep hearing that it forces you to run as root. I hope this
> > doesn't catch on. IMHO, they're taking one of the greatest security
> > features and throwing it away. Running as a root makes your system much
> > more vulnerable to virii, it would seem.
>
> If that was true, yes, you would be more open to viruses (virii isn't a
> word), but since Lindows has made it clear that users log in using usernames
> and passwords, I think that they have fixed this hole.
"Virii" is most definitely a word.
> Unless I read their FAQ wrong...
For what I have read, I don't think there is any login whatsoever. Even if there
was, that doesn't change the fact that everything is running as root, which is
just as insecure as using Windows. No amount of firewalling can change this.
Their "Click-n-Run" scheme is also a potential security vulnerability, since
software is being downloaded and installed as root. It is similar in concept to
Ximian's Red Carpet and MandrakeUpdate, but I am not convinced that it is as
secure. When you are downloading and executing code from the Internet, security
is of paramount importance.
--
Sridhar Dhanapalan
"In short, Microsoft is no more able to build secure products
than England's cricket team is able to withstand the bowling
of Australia's bowlers."
-- John Leyden, "MS firewall is holier than the Pope",
The Register (http://www.theregister.co.uk), 2001-08-20.
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
