Fake Emails about Emergency Security Update
Ben Steeves
ben.steeves at gmail.com
Tue Oct 26 15:42:04 UTC 2004
On Tue, 26 Oct 2004 09:27:17 -0400, Sean Middleditch
<elanthis at awesomeplay.com> wrote:
> On Tue, 2004-10-26 at 09:16 -0300, Ben Steeves wrote:
> > On Mon, 25 Oct 2004 20:46:29 +0200, Kyrre Ness Sjobak
> > <kyrre at solution-forge.net > wrote:
> > > These frauds are damn impossible to protect against...
> >
> > Nonsense. Just don't give clueless users the ability to a) become
> > super user, b) compile things, c) install things.
> >
> > And if your clueless user *is* your super user... well, then you have
> > problems. :-)
>
> The problem is that, for home users, that is pretty much guaranteed to
> be the case.
Not necessarily. When I set up a system for a non-technical user who
doesn't need root, I don't give them root. They can still do
everything they need to do, without the risks associated with even
having to understand how priviledge works.
Even clued users shouldn't run things as the super user. Part of
being clued is the understanding of why.
--
Ben Steeves _ bcs at metacon.ca
The ASCII ribbon campaign ( ) ben.steeves at gmail.com
against HTML e-mail X GPG ID: 0xB3EBF1D9
http://www.metacon.ca/bcs / \ Yahoo Messenger: ben_steeves
More information about the fedora-devel-list
mailing list