root

Brandon Kruse admteamkruz at gmail.com
Thu Jan 10 23:44:15 CET 2008 

I cannot speak for them, but look at your market place.

Not secure servers but mobile telephony.

The phone is as secure as you make it, and they have faith in the  
programs that are on there.

Heck you could even make a security package to lock it down a little  
for those who want something extra.

Anyone else?

--------------------------------
Brandon

On Jan 10, 2008, at 4:30 PM, Denis <shulyaka at gmail.com> wrote:

> So why did OpenMoko developers decided to run everything as root?
>
> 2008/1/11, Brandon Kruse <admteamkruz at gmail.com>:
>> Good luck easily hacking over a GPRS connection. Make your password
>> longer than 6 characters, a ban after retry attempts, take it off  
>> port
>> 22 and that will save 95% of attacks from script kiddies. (everything
>> I listed is controllable on sshd_config, I believe)
>>
>> Just imho it helps, opinion and experience :)
>>
>> But overall, I agree, but your privileges are only as safe as your
>> software.
>> (eg when you run a socket based process as root, you trust it.)
>>
>> However, you make a good point :)
>>
>> Kde and gnome take that precaution with gtk based Sudo when you login
>> as a normal user (at least in debian/ubuntu) and I like that method.
>>
>> --------------------------------
>> Brandon
>>
>> On Jan 10, 2008, at 3:43 PM, Denis <shulyaka at gmail.com> wrote:
>>
>>> But as far as I understand it's not secure, esp. for a device with
>>> wi-fi, bluetooth, gprs and running ssh daemon! Linux gives us a  
>>> great
>>> power of user privilegies management but we waste it. Woldn't it be
>>> better to run everything as an unprivileged user, or at least ask  
>>> for
>>> password at first run time?
>>>
>>> _______________________________________________
>>> OpenMoko community mailing list
>>> community at lists.openmoko.org
>>> http://lists.openmoko.org/mailman/listinfo/community
>>
>> _______________________________________________
>> OpenMoko community mailing list
>> community at lists.openmoko.org
>> http://lists.openmoko.org/mailman/listinfo/community
>>
>
> _______________________________________________
> OpenMoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community

More information about the community mailing list