[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: security vs. usability
From:       Michael Jarrett <yoamwmvs () umail ! corel ! com>
Date:       2001-02-07 14:31:13
[Download RAW message or body]

> It is obvious that most peaple's home use of KDE/Gnome/Windows
> will require that users be able to do things like burn CD's, log onto the
> internet, use a scanner ..., and these things should be as simple to
> get running as possible and should not require the root password.

If they shouldn't require a root password, they'd not need it. 

> > Alternatively you can set up new UID 0 accounts with new passwords.
> > kdesu will cache the passwords for the users, and you never have to
> > worry about it.
> > Hell, you're practically opening the door to root access anyways, no
> > reason to make it difficult for them.
> 
> I have no idea what this is and I've been using Unix for over ten years,
> what new or intermediate user is going to have a clue about this?

UID 0 is what defines root. "root" is just a name, it's the UID which
has the power. You know how set-uid works but you don't even what these
UIDs you are setting even are?

Now you can see why this should remain as is - because people who don't
understand the implications of what they are changing will lose all the
stuff on their computer, and they will be looking for someone to blame,
as people unfortunately tend to.

Michael
-- 
The address in the headers is not the poster's real email address.  Do not send
private mail to the poster using your mailer's "reply" feature.  CC's of mail 
to mailing lists are OK.  Problem reports to "postmaster@umail.corel.com".  
The poster's email address is "michaelj@corel.com".

[prev in list] [next in list] [prev in thread] [next in thread]