TobiSGD |
12-12-2012 09:32 AM |
Quote:
Originally Posted by konsolebox
(Post 4847760)
Still after they had written those it still won't be enough to give that much damage. You're missing a crucial factor which can never appear in Linux as compared to XP. At least it can never be that close as how things are arranged.
|
Instead of making vague statements, just come out with it directly: Why do you think that an successful attack against root on a Linux system would be less harmful or more restricted than a successful attack on a XP user with admin privileges.
Quote:
Not always especially on services.
|
As I stated before, services usually are not started from the GUI itself. I am talking about the applications that are running within the GUI, browser, chat-clent, VLC, whatever.
Quote:
Do you really think it's necessary to not run the browser as root?
|
No, i don't believe that. It is a fact that it exposes security risks to do that. This is a technical matter, not religion or philosophy, believes don't have a place here, knowledge has.
Quote:
Are all source sites that dangerous, and if there are exploitive ones would they be even always effective against your own client?
|
We had hacks in the last time against FreeBSD, against the kernel.org site and what not. You simply can't know which site may contain malicious code. regarding the client, nowadays most browsers are either based on Mozilla's engine, on the Webkit engine or are named Opera. What make you think that your browser is not attackable on that base?
Quote:
What's the significance of it if your browser cannot or will not be breached at all?
|
A browser that can not be breached must by definition be a browser without any flaw in design and implementation. Such a browser does not exist.
Quote:
Just shows how closed your perception about the matter is that you wouldn't even think of other possibilities other than the obvious.
|
Again, don't be vague, if you have something to say come out with it. I am open to anything that makes sense and it is possible to convince me.
Quote:
Again it's about the other benefits one would choose over unnecessary insecurity and indeed there are reasons as to use GUI as root compared to what you stated that I find absolutely conservative.
|
But you still did not come up with any good reason to use a GUI as root, besides laziness and a possibly slightly larger footprint of applications that are running as a different user in the GUI. Both reasons are not important enough to trade security in for them.
|