To keep professional systems secure, it's helpful to force users to keep their home desktop PC secure too, because security is a chain. I know that there are cases, when we are not part of this chain, e.g. for an audio workstation, that isn't connected to the Internet. IMO it's ok to force users to take care about security. What I don't like is, that Linux goes away from KISS, switches to unstable software etc., Polkit rules will change etc..
> I do not really know where dbus is needed on my computer: > my softwares usually do not need to communicate That is a big problem. Linux goes away from scripts and KISS for stable systems and tends to become one big experimental blob. E.g. new startup systemd, e.g. audio session handlers. A customizable and stable big blob does have advantages, but we got a lot of insane hard dependencies, so systems aren't customizable any more, so you need to switch applications and to drop old private data. Btw.to force users to take care about security is useless, when OTOH things don't work any more, because something experimental is considered as stable. Debian is one of the few distros, that doesn't jump the gun on things, but other distros at least have a new release every half year. For some applications it's useful to get new versions very often, but for the basics of the system it's insane. > I remember some article about Linus Torvalds complaining about the > over-security in distros, needing to use root account for most actions. Sometimes it's impossible to start some applications in a "normal way" as root. Sometimes even an editor only can be used with kdesu etc.. On some machines stuff as e.g. AppArmor is completely useless, it only will spam startup messages with information, that there are missing rules, for your self-compiled things. But it differs between distros, some distros set up tons of unneeded stuff, run tons of unneeded services, for other distros you even have to install X manually. The problem is that upstream tries to force everybody to go the same way. I cast an I on other *NIX and Debian does it too, there already is a Debian FreeDSP port. 2 Cents, Ralf -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1355935829.2501.59.camel@q
