[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Getting lock during commit stalls cvs ci

From: Jim Hyslop
Subject: Re: Getting lock during commit stalls cvs ci
Date: Fri, 03 Feb 2006 10:27:11 -0500
User-agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)

Hash: SHA1

Harry Putnam wrote:
> Jim Hyslop <address@hidden> writes:
>>>How is that true with a single user home machine?
>>Security 101: Viruses, Trojan horses, Sony DRM rootkits and so on. The
>>effects of many of these malware are severely curtailed if you are not
>>running as root.
> That all sound pretty far fetched... first off, if all that stuff is
> running or installed, someone has root already.  It won't matter what
> I run as.
> Not to be argumentative but I still don't see the big deal.  If my
> machine is rooted I'm already sunk.

And if your machine is not yet rooted, you want to keep it that way,
don't you? That's the goal here.

One of the basic premises of security is "minimize your risk of
exposure." If you habitually log in and work as root, then every program
you run has root privileges. You are creating a huge risk of exposure -
if you accidentally trigger a Trojan horse, you've just given it carte
blanche access to your system. On the other hand, if you run with
ordinary user privileges and only invoke `su' (or, in Windows, 'runas')
when absolutely necessary, then that Trojan horse won't be able to get a
foothold in the first place.

- --
Jim Hyslop
Dreampossible: Better software. Simply.
                 Consulting * Mentoring * Training in
    C/C++ * OOD * SW Development & Practices * Version Management
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird -


reply via email to

[Prev in Thread] Current Thread [Next in Thread]