- TalkBack 8 of 34:
- Next »
- « Previous
- Thread View
- Flat View
- This is dangerous
-
Gotta be root. This is a good thing and helps Linux/Unix to avoid some of the goofy things that happen in Windows.
Can you specify? I'm not aware of any issues with installing Windows programs as a non-administrator. Although most simply stop you right at the beginning, the ones that have completed successfully worked just fine for me.
Many, including me, enjoy the intergration of Windows but one of the unintended side effects is that apps can install with plain old user rights
As the administrator of my computer system, I can install an application that I'm not too sure about by logging in under a restricted account in Windows. If the installer ends up being a trojan, it can't do too much damage. The ability to install apps with "plain old user rights" is a good thing from an administrator point of view.
In the end, an installation program is nothing more than an executable that puts files on the hard drive and updates a database. I don't see why it is okay that Linux allows me to run all executables/scripts as a restricted user except installation scripts like RPMs. It seems like a perfect way of using social engineering to trick a user into running anything I want them to as root. If they are used to installing all RPMs as root, they won't mind running the FREE DANCING ELVES.rpm as root either. Once they've done that, their machine is mine. I can mess with their firewall, install back door servers, etc.
What's even more dangerous is that my default SuSE installation asks me if I want to use YaST to install .rpm links when I click on them in Konqueror. If I say yes, I must supply my root password (since you say I can't use a restricted account) and *poof*, an rpm trojan has taken over my Linux machine. I haven't gone to the command line and I haven't typed chmod +x. When Joe Sixpack starts using Linux, and standard operating procedure is to type his root password every time he installs a new .rpm, he won't blink twice just because the .rpm is called FREE DANCING ELVES.rpm. - Posted by: NonZealot Posted on: 03/22/05 You are currently: a Guest | Members login | Terms of Use
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
- Finally, an easier way for Small and Mid-Sized Companies to Run Their Business Applications: IBM Smart Business IBM From the PC to the Internet to every piece of hardware and software in ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- Learn more about tools to grow your business
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Save time with the UPS Business Essentials Guide
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
> Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
Meet Doc
-
-
Here to help you with your Document Management Needs
- Check out Doc’s Blog on ZDNet
- Help your company, help the earth I want to share with you the Environmental Defense Fund Paper Calculator, which allows you to gauge your organization's environmental impact.
- Which is Greener: Paper or Digital? The Answer May Surprise You Anything we can do to reduce paper consumption is good. But what about the impact of digital waste?
-
Produced by
ZDNet and -
