Date: Thu, 3 Feb 2005 00:32:23 -0800 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "Gert Cuykens" <gert.cuykens@gmail.com>, "Chris Hodgins" <chodgins@cis.strath.ac.uk> Cc: freebsd-questions@freebsd.org Subject: RE: xhost +localhost Message-ID: <LOBBIFDAGNMAMLGJJCKNEEDHFAAA.tedm@toybox.placo.com> In-Reply-To: <ef60af0905020218193eea1fc9@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Gert Cuykens > Sent: Wednesday, February 02, 2005 6:20 PM > To: Chris Hodgins > Cc: freebsd-questions@freebsd.org > Subject: Re: xhost +localhost > > > > Don't want to be rude but do you have a specific reason for running > > xscreensaver as root? > > > > Chris > > Well the reason is very simple actuale lets pretend we have a user > gert. User gert has alot of pictures and music stuff phone numbers > user gert dont want does things to be gone. Somebody hacks user gert > because user gert uses a screensaver. And the hacker deletes all > files. User gert is not happy because he lost everything. Do you think > user gert gives a chit that the system was untouched because the > hacker did not had root permission ? > > For me its wrong to think user accounts are not importend because they > do for the average window xp single user. They dont care about viruses > infection on there system reinstalling everything they care about > there files. So if sreensaver is a securty risc as root i doesnt mean > its not a security risck for a user account. The only differens > between a root and user should be that users can not read or mess with > other users files. The security sould be EXACTLY the same. So if root > can not run a screensaver then the users can also not run a > screensaver. While all of this is very interesting academic, if user Gert is dumb enough to leave the console of his UNIX system accessible then user Ted can come along and power cycle it into single user mode and wipe his disks whether he has the root password or not. Or, are you assuming that the 'bios' passwords in the typical PC are immune from 60 seconds of CMOS battery removal? Ted
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?LOBBIFDAGNMAMLGJJCKNEEDHFAAA.tedm>