On Mon, 2005-10-03 at 21:26 -0500, Ryan wrote: > On Monday 03 October 2005 05:02 pm, Craig White wrote: > > What Windows does has nothing to do with Unix/Linux. > > Ok, but a fair comparison is a Windows admin who logs on as 'administrator' > and a Linux admin who logs on as 'root'. > > While the two OS's are very different, the end result of logging on as root is > very similar. ---- If you merely call root on Linux, Administrator on Windows both 'superusers' the identification is much the same. The difference is, any Linux distribution worth it's salt will give you methods to access superuser privileges from a normal login whereas you have to have Administrator privileges to do superuser tasks on Windows. There is a big distinction. If you need to download say a print driver, you are using a web browser as a normal user in Linux and as superuser in Windows. ---- > > > >Debian (and things like Ubuntu) have it right. > > I disagree entirely. So long as the user is displayed a warning indicating > that its a bad idea to do so, I see nothing wrong with allowing a user to > control their own system. ---- OK - it's your machine, your call ---- > > > It's really a poor idea. > > Ok, I have to ask. If I log in to machine *not connected to any network*, and > I am doing admin tasks, what danger do I run that I wouldn't if I run as root > from a terminal on a limited account? ---- you may have already downloaded some malicious code in a web browser plugin, java applet or ??? that doesn't get executed until you fire up the root account and use a web browser. Just the first idea that comes to my mind...I'm not gonna spend a lot of time thinking about the what ifs. ---- > > The Debian distros (Ubuntu, Mepis) sudo setup is way more complicated than > necessary - it offers no more protection with significantly more headaches. > Nothing is as pointless as forcing a user to use sudo to run a compiler. > > If I want an "admin" account and a "root" account I'll go burn my money on a > mac. :-) ---- Mac's are as bad as Windows - making everyone a superuser by default. These guys aren't at all concerned with security - only ease of use. Don't get me started on OSX - it's OT on this list anyway. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.