Date: Thu, 3 Feb 2005 14:43:39 +0100
From: Gert Cuykens
To: Ted Mittelstaedt
cc: freebsd-questions@freebsd.org
cc: Chris Hodgins
Subject: Re: xhost +localhost

On Thu, 3 Feb 2005 00:32:23 -0800, Ted Mittelstaedt wrote:
> > > Don't want to be rude but do you have a specific reason for running
> > > xscreensaver as root?
> > >
> > > Chris
> >
> > Well the reason is very simple actually. Let's pretend we have a user
> > gert. User gert has a lot of pictures and music stuff, phone numbers;
> > user gert doesn't want those things to be gone. Somebody hacks user gert
> > because user gert uses a screensaver. And the hacker deletes all
> > files. User gert is not happy because he lost everything. Do you think
> > user gert gives a chit that the system was untouched because the
> > hacker did not have root permission?
> >
> > For me it's wrong to think user accounts are not important because they
> > are for the average Windows XP single user. They don't care about virus
> > infection on their system, reinstalling everything; they care about
> > their files. So if screensaver is a security risk as root it doesn't mean
> > it's not a security risk for a user account. The only difference
> > between a root and user should be that users can not read or mess with
> > other users' files. The security should be EXACTLY the same. So if root
> > can not run a screensaver then the users can also not run a
> > screensaver.
>
> While all of this is very interesting academically, if user Gert is dumb
> enough to leave the console of his UNIX system accessible then user
> Ted can come along and power cycle it into single user mode and wipe his
> disks whether he has the root password or not.
>
> Or, are you assuming that the 'bios' passwords in the typical PC are
> immune from 60 seconds of CMOS battery removal?
>
> Ted

Can a non-root user shut down a PC?

PS: does your PC have a power cable? :)