On Thu, Jan 11, 2007 at 10:06:33AM +0200, Andrei Popescu wrote: > On Wed, 10 Jan 2007 17:52:18 -0500 > cga2000 <[EMAIL PROTECTED]> wrote: > > > Mind you, and this is not directly related to the above, I sometimes > > have this bizarre feeling that much of this awkwardness we have to > > deal with -- in X certainly .. but from the linux console as well, > > albeit to a lesser extent -- eventually boils down to the *NIX model > > not having been designed from the ground up with security in mind. > > Huh? > > > I just cannot see why you should need something extreme such as root > > access to install/maintain software. > > And let users install any malware they get across on the internet just > because it popped up a window with "install me"?
I've longed for a distinction between packages that assume root priveleges to run and those that do not. The latter should be installable by any user; the former should require root permission. To a first approximation, one could distinguish them by the SUID bit on any of their executables. Of course, there would have to be firther considerations -- the packages shoulld have to come from a trusted source, for one thing, and be free of conflicts with other packages users might be allowed to install. -- hendrik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
