Just because a program runs in user-space doesn't mean it wont have access to priviledged system calls. Other than the mis-guided folks using kernel-mode linux apps (which is stupid), most applications run in user-space, and make system calls to do their admin-type things. An application run as root (and similarly admin on windows) has the ability to do virtually anything as far as the kernel is concerned. The only reason why you can't break stuff with out getting at least some kind of warning is because the user-space application had warning written into it by the developers. And unfortunately, IE doesn't have much in the way of warnings when it is about to do something potentially dangerous.
One password to protect your certificate. The certificate can be used to provide access to as many sites or services as you need. Certificate revokations are relatively easy to implement, and in most cases yearly certificates would be sufficient to keep things secure. This concept is being implemented by the organization I support, and so far we haven't noticed any problems.
As long as Trusted Computing is a module, I don't see why so many people are complaining about it. That's the nice thing about linux, you can turn just about any "feature" off. My only complaint would be that the developers could probably have spent their time doing something more useful, but I'm not paying them to do it so what right do I have to argue with what they implement.
Slashdot Mirror
Just because a program runs in user-space doesn't mean it wont have access to priviledged system calls. Other than the mis-guided folks using kernel-mode linux apps (which is stupid), most applications run in user-space, and make system calls to do their admin-type things. An application run as root (and similarly admin on windows) has the ability to do virtually anything as far as the kernel is concerned. The only reason why you can't break stuff with out getting at least some kind of warning is because the user-space application had warning written into it by the developers. And unfortunately, IE doesn't have much in the way of warnings when it is about to do something potentially dangerous.
Impossible... nothing is impossible
One password to protect your certificate. The certificate can be used to provide access to as many sites or services as you need. Certificate revokations are relatively easy to implement, and in most cases yearly certificates would be sufficient to keep things secure. This concept is being implemented by the organization I support, and so far we haven't noticed any problems.
As long as Trusted Computing is a module, I don't see why so many people are complaining about it. That's the nice thing about linux, you can turn just about any "feature" off. My only complaint would be that the developers could probably have spent their time doing something more useful, but I'm not paying them to do it so what right do I have to argue with what they implement.