PackageKit policy: background and plans

Gregory Maxwell gmaxwell at gmail.com
Fri Nov 20 13:52:44 UTC 2009


On Fri, Nov 20, 2009 at 12:26 AM, Conrad Meyer <cemeyer at u.washington.edu> wrote:
> On the contrary. On the typical single user system, it's just as bad if an
> attacker can steal / delete / modify the user's files as it is if the attacker
> can modify / delete system files. Privilege escalation isn't needed to delete
> everything the single user cares about.

Not quite.  For example, it's much easier to fix a system which has only had a
user account compromised, since if you actually trust that it's only the user
account you can skip the full reinstall.

This is also assuming a strictly single user system. With features like fast
user switching it wouldn't be inadvisable or especially inconvenient to operate
business and pleasure activities from separate accounts. I don't know anyone
that does this today, but as it becomes easier to do so and if the systems don't
continue to go down the route of giving the local accounts root access then it
may be a practice which becomes common.



