Re: Supporting POSIX *users*

[Jonathan S. Shapiro]

On Tue, 2005-11-01 at 17:13 +0100, Alfred M. Szmidt wrote:
>    A) Hit me in the face
>    B) Talk to the manager to make sure I lose my job, or
>    C) All of the above?
> 
> Neither.
> 
> Who do you kick in the ass if you let anyone use your console?  The
> system admin, or the person who left the console open?

In the real world: The system admin. The person who left the console
open is probably someone whose continued good will matters to you.

I'm not defending this, but it *is* what happens in practice most of the
time.

> If a user runs a unsecure program, and that program screws things up,
> it is the users fault.

Today it is the fault of the system architect, whose crappy system
design made this inevitable. It cannot be the user's fault, since they
had no authority or ability to alter circumstances.  Responsibility
follows from authority.

> Put in bad oil in the engine so it stops working, or causes a crash,
> then you don't blame the car manufacturer do you?

The situations are not parallel. We know today that 100% of all software
is insecure.

What happens to your analogy when (a) there is exists only bad oil in
the world, (b) you need to get your kid to a hospital, and (c) the auto
vendor has designed an automobile that requires perfect oil but converts
better oil into bad oil before using it? Yes, in the face of point (c) I
would blame the car manufacturer, because they have made it impossible
for me to act sensibly. The design is defective.

shap