Whoever gets them to run malicious code by exploiting them or their software will still get access to all of their data, since it was all stored as that user.
It's generally worse than that, in practice, because you usually have to be root in order to install most software. So unless a user is reading every line of code and compiling it locally, you're just need to shift the exploit into the install program.
Now look, it's theoretically possible to make it so that nearly all programs can be installed without root privileges, but this requires pretty much a complete rewrite of the unix hierarchy. Unix wasn't designed with home systems in mind.
If I recall correctly, by default any admin user has access to change the root password. So yes, they're not root, but it's trivial for them to become root.
Even with only a single user at least the attacker only has access to your personal files and is unable to trash the entire system.
If an attacker gets access to my personal files you can bet I'm going to reinstall my entire system anyway. So what's the difference?
Some of which I listed above, including protecting your system from a poorly written piece of software itself as well as protecting the system from the user making mistakes and damaging important system files.
But what are you protecting? A bunch of static libraries that can be easily replaced anyway. Again, it's the data that matters, and that's not owned by root anyway.
Any exploitable program you run as another user will still need a local escilation exploit in order to do anything harmful.
What harmful thing can be done with root access which can't be done with access to the primary user's account?
Running something like apache as root, and any vulnerability in programs such as phpMyAdmin will make your whole server go poof.
As was said, this doesn't really apply to daemons. I ssh to my machines as root, but I still run apache as www.
ActiveX and a lot of spyware is contained in windows when running as non-administrator. It's running as admin (like most people do), that cause the majority of problems with things.
Spyware doesn't need root privileges to spy on you.
You're changing the rules of what space means according to what's conveinant for your argument.
No, I made a comment saying that "} else {" takes up less space, and I'm explaining what I meant by that (it allows you to fit more in a screen or page of code).
You are either wrong in saying that using no line breaks and leaving all the code on one line wouldn't make the code "smaller" or your wrong in thinking that extra newlines increase the size of the code.
Leaving all the code on one line wouldn't allow you to fit more code in a screen or on a page. Adding extra newlines makes less code fit in a screen or on a page. Both are true.
I haven't had cable in years. If Brighthouse had offered a cable modem for those of us who didn't have cable for a reasonable price they'd have gotten my service instead of Verizon:).
I guess it all depends where you live. Where I live, you're pretty much screwed either way, but when we moved in my girlfriend didn't yet have her cellphone so we figured getting a phone line essentially free would be better than getting cable essentially free. Now that she's got a cell phone, and Verizon has raised its rates, that equation is probably going to go in the other direction when we move.
Bah, those of us with Verizon DSL in Florida just got our rates raised unless we sign a year long contract. I think I'm paying something like $40/month just for DSL (more when you factor in the phone line that I don't use, with taxes it comes out to $63.75/month). Where I live Verizon is the only choice for DSL, and cable modem service is even more expensive if you don't already have cable television (at least it was before the new rate raise, I'll have to reconsider cable modem service when I move in June). I even thought about just going with dialup. But I'd still have to pay the $20/month for a phone line I don't use so it wouldn't be worth it.
I use bookmarks mainly not for finding sites but for remembering to check the sites in the first place. Basically, the only bookmarks I use other than as a reminder are those few I have in the toolbar, and they are the ones I visit enough that one click is much better than typing a google search.
I have one bookmarks folder called "bills", which is really a combination of the two. Every week or so I go through this list of bookmarks to the login pages of sites where I pay my bills (my phone company, my student loans, my car payment, etc). Sure, I could just keep better records and only go to these sites when I owe them money, but I'm too disorganized for that.
As for the search engine part, anything I add to my bookmarks file would be automatically crawled on a regular basis
Oh yeah, and this almost goes without saying, but I'd want a cached copy of these pages kept, of course. In fact, while we're at it, how 'bout an archive of every historical version, a la archive.org's Wayback Machine.
I'm not sure if this is what delicious does, but I'd like to add a book mark and automatically have that website added to my own private search engine/directory. The directory location would be default to some sane default - for instance, if I add a bookmark which is already in DMOZ, then it'd be added to the same directories as in DMOZ. If it didn't already exist in DMOZ, then I would have to place it somewhere myself, and this would be remembered for others unless I marked the bookmark private.
As for the search engine part, anything I add to my bookmarks file would be automatically crawled on a regular basis (subject to robots.txt rules I guess). I'd have a directory of any pages which changed in the last X days, and I'd have another directory of dead bookmarks.
Since your being so pedantic I might as well be too.
Hey, you started it. I think it's obvious what I meant.
It doesn't take up less space. It takes up just as much space, but in your case certain lines happen to be wider.
Either you've got a non-rectangular screen, none of your lines are longer than "} else {", or you're wrong.
I guess ultimate readability then would be where you write 80(or whatever the width of your terminal is) characters of code and then start the next line?
I never said taking up space was the only factor contributing to readability, but it is one of them.
Besides buying the IDE cards I'd have to buy enclosures and power supplies. In the end I'd wind up paying more money for something slower and probably less reliable (IDE is very sensitive about how long the cables are). And I'd be using up expansion slots, which are already full on my primary desktop machine, and which I don't even have on the machine I'm using right now - my laptop. I'd probably save a little bit of money on electricity, though. Never measured just what kind of power these things consume.
In the end the reason I do it isn't primarily based on cost concerns anyway. It's fun tinkering with old hardware and getting it to do something useful.
Hash functions are, by their nature, not reversable. So there's no way to take a hash and have that give you a file that has that hash.
That is what a secure hash function does. But just a plain old hash function may or may not be easily reversible. For instance, I can define a hash as the sum of all the 1 bits in the file. It would be trivial to create a file which has the same has, in that case.
That's kind of what I was getting at by saying that there's always a risk that the plane is going to crash, no matter how skilled the operator.
Then again, maybe I'm overestimating the risk with a flying object. I suppose if it's built right the plane could cruise long enough to get to a nearby runway even if all the motors go out. You could lose all steering capability possibly, though this is possible in a car too. I suppose if we built a landing/crashing strip below the populated places one might fly this would put the safety level roughly in line with a car. Of course, that largely defeats the purpose of using the air in the first place (I suppose we still wouldn't have to build bridges and road maintenance would be less).
What about the people whose houses these things are going to fall on when people without the skills required for a current private pilots license decide that "whenever they please" means during thunderstorms or when the clouds are generating ice or when the wind is gusting to 90 knots?
Most likely you'll need a license and insurance in order to operate these things. In fact, mandatory insurance makes even more sense for these things then it does for cars. It's pretty easy to keep a car on the road. Keeping a plane in the sky is impossible to do with 100% certainty, no matter how skilled you are.
Marketing something as an "air car" will mean people will still fly it to the grocery store.
Only if it's cost efficient. If it costs $100 in fuel and taxes to go to the grocery store, just about no one will do it. The only important thing is that we tax the fuel to pay for the pollution. The rest will be handled perfectly well by the free market.
This goes to show what a great game an open source project can create.
More like, this goes to show that an open source project can clone a great game. Isn't FreeCiv just a free remake of a game created by non-free developers?
Slashdot Mirror
Whoever gets them to run malicious code by exploiting them or their software will still get access to all of their data, since it was all stored as that user.
It's generally worse than that, in practice, because you usually have to be root in order to install most software. So unless a user is reading every line of code and compiling it locally, you're just need to shift the exploit into the install program.
Now look, it's theoretically possible to make it so that nearly all programs can be installed without root privileges, but this requires pretty much a complete rewrite of the unix hierarchy. Unix wasn't designed with home systems in mind.
If I recall correctly, by default any admin user has access to change the root password. So yes, they're not root, but it's trivial for them to become root.
Even with only a single user at least the attacker only has access to your personal files and is unable to trash the entire system.
If an attacker gets access to my personal files you can bet I'm going to reinstall my entire system anyway. So what's the difference?
Some of which I listed above, including protecting your system from a poorly written piece of software itself as well as protecting the system from the user making mistakes and damaging important system files.
But what are you protecting? A bunch of static libraries that can be easily replaced anyway. Again, it's the data that matters, and that's not owned by root anyway.
Any exploitable program you run as another user will still need a local escilation exploit in order to do anything harmful.
What harmful thing can be done with root access which can't be done with access to the primary user's account?
Running something like apache as root, and any vulnerability in programs such as phpMyAdmin will make your whole server go poof.
As was said, this doesn't really apply to daemons. I ssh to my machines as root, but I still run apache as www.
ActiveX and a lot of spyware is contained in windows when running as non-administrator. It's running as admin (like most people do), that cause the majority of problems with things.
Spyware doesn't need root privileges to spy on you.
For a single user system, there's no good reason not to run as root. I regularly log in as root on all the systems I own.
You're changing the rules of what space means according to what's conveinant for your argument.
No, I made a comment saying that "} else {" takes up less space, and I'm explaining what I meant by that (it allows you to fit more in a screen or page of code).
You are either wrong in saying that using no line breaks and leaving all the code on one line wouldn't make the code "smaller" or your wrong in thinking that extra newlines increase the size of the code.
Leaving all the code on one line wouldn't allow you to fit more code in a screen or on a page. Adding extra newlines makes less code fit in a screen or on a page. Both are true.
Hmm, so $63.75 is the price for living in a state with no income taxes? I think I'm gonna have to take that deal.
They're a corporation. I don't hate them or love them, I just treat them in a profit-maximizing way, just like they treat me.
OK, OK, I love google. But don't tell anyone.
I haven't had cable in years. If Brighthouse had offered a cable modem for those of us who didn't have cable for a reasonable price they'd have gotten my service instead of Verizon :).
I guess it all depends where you live. Where I live, you're pretty much screwed either way, but when we moved in my girlfriend didn't yet have her cellphone so we figured getting a phone line essentially free would be better than getting cable essentially free. Now that she's got a cell phone, and Verizon has raised its rates, that equation is probably going to go in the other direction when we move.
Bah, those of us with Verizon DSL in Florida just got our rates raised unless we sign a year long contract. I think I'm paying something like $40/month just for DSL (more when you factor in the phone line that I don't use, with taxes it comes out to $63.75/month). Where I live Verizon is the only choice for DSL, and cable modem service is even more expensive if you don't already have cable television (at least it was before the new rate raise, I'll have to reconsider cable modem service when I move in June). I even thought about just going with dialup. But I'd still have to pay the $20/month for a phone line I don't use so it wouldn't be worth it.
I use bookmarks mainly not for finding sites but for remembering to check the sites in the first place. Basically, the only bookmarks I use other than as a reminder are those few I have in the toolbar, and they are the ones I visit enough that one click is much better than typing a google search.
I have one bookmarks folder called "bills", which is really a combination of the two. Every week or so I go through this list of bookmarks to the login pages of sites where I pay my bills (my phone company, my student loans, my car payment, etc). Sure, I could just keep better records and only go to these sites when I owe them money, but I'm too disorganized for that.
As for the search engine part, anything I add to my bookmarks file would be automatically crawled on a regular basis
Oh yeah, and this almost goes without saying, but I'd want a cached copy of these pages kept, of course. In fact, while we're at it, how 'bout an archive of every historical version, a la archive.org's Wayback Machine.
I'm not sure if this is what delicious does, but I'd like to add a book mark and automatically have that website added to my own private search engine/directory. The directory location would be default to some sane default - for instance, if I add a bookmark which is already in DMOZ, then it'd be added to the same directories as in DMOZ. If it didn't already exist in DMOZ, then I would have to place it somewhere myself, and this would be remembered for others unless I marked the bookmark private.
As for the search engine part, anything I add to my bookmarks file would be automatically crawled on a regular basis (subject to robots.txt rules I guess). I'd have a directory of any pages which changed in the last X days, and I'd have another directory of dead bookmarks.
Since your being so pedantic I might as well be too.
Hey, you started it. I think it's obvious what I meant.
It doesn't take up less space. It takes up just as much space, but in your case certain lines happen to be wider.
Either you've got a non-rectangular screen, none of your lines are longer than "} else {", or you're wrong.
I guess ultimate readability then would be where you write 80(or whatever the width of your terminal is) characters of code and then start the next line?
I never said taking up space was the only factor contributing to readability, but it is one of them.
Besides buying the IDE cards I'd have to buy enclosures and power supplies. In the end I'd wind up paying more money for something slower and probably less reliable (IDE is very sensitive about how long the cables are). And I'd be using up expansion slots, which are already full on my primary desktop machine, and which I don't even have on the machine I'm using right now - my laptop. I'd probably save a little bit of money on electricity, though. Never measured just what kind of power these things consume.
In the end the reason I do it isn't primarily based on cost concerns anyway. It's fun tinkering with old hardware and getting it to do something useful.
Hash functions are, by their nature, not reversable. So there's no way to take a hash and have that give you a file that has that hash.
That is what a secure hash function does. But just a plain old hash function may or may not be easily reversible. For instance, I can define a hash as the sum of all the 1 bits in the file. It would be trivial to create a file which has the same has, in that case.
Sure why don't you just write all your code on one line? Saves space? right.
Not really. It makes the code wider and not as tall, but there's not really any space savings to speak of.
Seriously, what does the saved "space" (er new line character(s)) gain you?
It lets me see more of the structure of the program on a single screen or page of information.
Just as long as you're consistent in your coding (and its readable) who cares?
It's more readable in this case precisely because it takes up less space.
But it still doesn't stop people from driving around unlicensed and uninsured now.
So what's your point? We shouldn't have invented the car, because some people abuse it?
Granted, they have to worry about Cessna type aircraft now but potentially allowing "sky cars" in every driveway presents a whole new set of worries.
Tough shit. The department of homeland security has no Constitutional right to regulate what type of aircraft I keep in my driveway.
And if you think it's easy to keep a car on the road then look no further: http://www.carbuyingtips.com/pics/crash51.jpg
I never said it was hard to not keep a car on the road.
That's kind of what I was getting at by saying that there's always a risk that the plane is going to crash, no matter how skilled the operator.
Then again, maybe I'm overestimating the risk with a flying object. I suppose if it's built right the plane could cruise long enough to get to a nearby runway even if all the motors go out. You could lose all steering capability possibly, though this is possible in a car too. I suppose if we built a landing/crashing strip below the populated places one might fly this would put the safety level roughly in line with a car. Of course, that largely defeats the purpose of using the air in the first place (I suppose we still wouldn't have to build bridges and road maintenance would be less).
Your license and insurance does me no good when I am dead.
That is not a good argument that no one should ever be allowed to do anything.
Since you used comparison logic, are you suggesting that you can keep a car on the road with 100% certainty? I call bullshit.
Of course I can. I'm not saying I necessarily do, but it's certainly possible.
Flying, like driving, requires attention and good judgement. When either factors are missing, accidents happen.
Getting into an accident with another driver is completely different from crashing into a house.
What about the people whose houses these things are going to fall on when people without the skills required for a current private pilots license decide that "whenever they please" means during thunderstorms or when the clouds are generating ice or when the wind is gusting to 90 knots?
Most likely you'll need a license and insurance in order to operate these things. In fact, mandatory insurance makes even more sense for these things then it does for cars. It's pretty easy to keep a car on the road. Keeping a plane in the sky is impossible to do with 100% certainty, no matter how skilled you are.
Marketing something as an "air car" will mean people will still fly it to the grocery store.
Only if it's cost efficient. If it costs $100 in fuel and taxes to go to the grocery store, just about no one will do it. The only important thing is that we tax the fuel to pay for the pollution. The rest will be handled perfectly well by the free market.
This goes to show what a great game an open source project can create.
More like, this goes to show that an open source project can clone a great game. Isn't FreeCiv just a free remake of a game created by non-free developers?
Right, so using GPL-licensed fonts in a document doesn't require you to license your document under the GPL.