From owner-freebsd-chat@FreeBSD.ORG Mon Oct 20 23:55:54 2003 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 92B2616A4C0; Mon, 20 Oct 2003 23:55:54 -0700 (PDT) Received: from stork.mail.pas.earthlink.net (stork.mail.pas.earthlink.net [207.217.120.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B6A743FBD; Mon, 20 Oct 2003 23:55:51 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from user-38lc0fk.dialup.mindspring.com ([209.86.1.244] helo=mindspring.com) by stork.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 1ABqQm-0006uT-00; Mon, 20 Oct 2003 23:55:48 -0700 Message-ID: <3F94D7DF.632EEE65@mindspring.com> Date: Mon, 20 Oct 2003 23:53:19 -0700 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd.org@carmoda.com References: <20031019172258.57908.qmail@web14602.mail.yahoo.com> <3F93EBEA.9070900@carmoda.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a45333e7aa43bb305d0f0b07dc0c1eb7ba3ca473d225a0f487350badd9bab72f9c350badd9bab72f9c cc: peter lageotakes cc: freebsd-questions@freebsd.org cc: freebsd-chat@freebsd.org Subject: Re: Problems with ordinary user permissions X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Oct 2003 06:55:54 -0000 carmoda wrote: > ~sigh~ > > seems like an awful lot of stuffing around for something that a > user/developer should be able to access by default *in my opinion*. so > far i have about 30% of functionality of my previous W2K system after > several times the time required for setup. [as a workstation] > > FreeBSD may be 'free' and more stable, but after i add my time to a > setup it is over twice the price of XP Pro. You charge too much. 8-) 8-). > Something HAS to be done on the install front. I did select 'developer + > X-windows' in the sysinstall and i think it would make more sense if the > account security was more 'open' for the average user given they would > be 'developing' on the platform. i mean, half of my apps didnt work due > to permissions being short. again, i did select that i wanted a > 'developer - x-windows' install. Windows defaults to "everyone on the Internet can write my disk"; FreeBSD defaults to "only root can write my disk"; OpenBSD defaults to "only God can write my disk, and even he needs a 1024 bit key". It's all a matter of trading security vs. ease of use. For the most part, you should install all software as root, and then expect that the software can be configured to "do the right thing" as part of the install. In general, I would say that most of your problems arise from the UNIX security model, and the failure of the software vendors or ports maintainers or both to anticipate you using your machine as if it's a signle use box. FWIW, if you are going to use the machine as a single user box, you probably want to create your user as uid 0:0, even if the name is not actually "root", and then auto-login the user without a password into something like a KDE environment. Then the console user owns all the hardware, and there's no issues for single user use that need you to go to root to resolve. -- Terry