[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack

Matthew Miller wrote:
On Thu, Apr 28, 2005 at 10:06:26AM -0400, William Hooper wrote:

Running untrusted executables as root is a PBCAK.  Period.  I don't care
what OS you are running, be it Linux or BSD or WinXP.
In this context, the reason that Linux is "better than Windows" is because
it was designed from the ground up to do day to day tasks with a non-root
user.  Anyone that circumvents this (Linspire anyone?) is asking for the
same trouble that a Windows system always running as root has.

I think we're basically in agreement. However, I'm afraid that simple
dismissive statements like the "~0" one I responded to are part of the
problem. It has the risk of leaving the wrong impression, and leading to the
sort of fuzzy thinking that brings us Linspire's run-as-root model.

My statement was in no way dismissive, it was my assessment of the risk posed by this particular virus. What doesn't help is people getting all worked up and panicing about something which a very, very minor threat.

Nigel Wade, System Administrator, Space Plasma Physics Group,
            University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw ion le ac uk
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]