Re: brute force ssh attack

• Previous message: Matthew Miller: "Re: installing rpms from yum"
• In reply to: Matthew Miller: "Re: brute force ssh attack"
• Next in thread: Nigel Wade: "Re: brute force ssh attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 29 Apr 2005 13:50:20 +0100
To: For users of Fedora Core releases <fedora-list@redhat.com>

Matthew Miller wrote:
> On Thu, Apr 28, 2005 at 10:06:26AM -0400, William Hooper wrote:
>
>>Running untrusted executables as root is a PBCAK. Period. I don't care
>>what OS you are running, be it Linux or BSD or WinXP.
>>In this context, the reason that Linux is "better than Windows" is because
>>it was designed from the ground up to do day to day tasks with a non-root
>>user. Anyone that circumvents this (Linspire anyone?) is asking for the
>>same trouble that a Windows system always running as root has.
>
>
> I think we're basically in agreement. However, I'm afraid that simple
> dismissive statements like the "~0" one I responded to are part of the
> problem. It has the risk of leaving the wrong impression, and leading to the
> sort of fuzzy thinking that brings us Linspire's run-as-root model.
>

My statement was in no way dismissive, it was my assessment of the risk
posed by this particular virus. What doesn't help is people getting all
worked up and panicing about something which a very, very minor threat.

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@ion.le.ac.uk
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555
-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

• Previous message: Matthew Miller: "Re: installing rpms from yum"
• In reply to: Matthew Miller: "Re: brute force ssh attack"
• Next in thread: Nigel Wade: "Re: brute force ssh attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: which PC ... when User tries to perform the task that requires root authority, ... includes Risk Assessment and Risk Management, ... so that comparative assessments can be made. ... I doubt that you've ever conducted a formal Risk Assessment. ... (rec.photo.digital) Re: Wisdom Tooth Coronectomy ... > sufficiently close to some nerve that there is a risk that her lip may ... the root fragments, ... > carries a risk of permanent anaesthesia but that the risk is lower ... (sci.med.dentistry) Re: [SLE] Error on virusscanning ... > The risk isn't huge (unless you do everything as root all the ... That is what I enjoy with Linux. ... I never have to work as root (can, ... work properly as a normal user; it requires Administrator rights, ... (SuSE) Re: XP SP2 ... root -- since they did publish it to MSDN on the date they said they ... > That site confirms my claim that a valid digital signature makes the SP2 ... >> risk adverse person waits until the official download site has the ... >>>>>It will be there tomorrow on the download site. ... (microsoft.public.windows.server.sbs) X windows problems ... three have started to exhibit instability with the X Windows system when ... I did this locally as root on the RH8 machine and it logged me in ... and the 2 RHEL systems are 64-bit AMD systems from a UK company ... (RedHat)