[OT] Re: Running graphical programs as root

Kevin Chadwick ma1l1ists at yahoo.co.uk
Thu May 10 00:03:06 CEST 2012


On Wed, 09 May 2012 20:36:40 +0200
Maximilien Noal wrote:

I'll keep this short and my last response because we are really abusing
the xfce mailing list!

> limited user account instead of using an 
> Admin account

Hence likely

>>On windows 7 it's not much more complicated with 10Gb
>> of code sitting there....  
>Well, there is the limited user account and the UAC in the way, isn't
>it ?

The 10Gb gives lots of choice to raise priviledges from a limited user
account. Though in fact you can probably just ask nicely, with the
admin shares and remote registry etc. :-) Security software helps combat
malware and close of rediculously open services but actually likely
makes for a higher attack surface for a hacker.

Basically you can almost garantee stopping a machine doing what a hacker
wants it to do, you can't stop a hacker doing what you do anyway which
probably includes everything important to you. Often they want your
computer not your info though. To protect your info you need simple
bug-free code, aka OpenBSD and a scriptless browser and/or a good
seperation strategy etc..

If you want a secure computer use unix.

The saying goes

If you need a secure computer, don't connect it to the internet, don't
turn it on, and bury it in a shielded bunker.

I meant to keep it short, sorry.


More information about the Xfce mailing list