Hacker News new | ask | show | jobs
by mSparks 3474 days ago
i barely trust my own programs to have access to the root account, why should any old script be able to access the entire machine in 6 letters?

"you should never run anything as root" yet on ubuntu everything as good as runs as root by default.

even windows ussually has a seperate password to create user accounts, but with ubuntu make the mistake of leaving your machine unlocked and unattended and any little script kiddy can own your machine in fractions of a second. worse even than windows, because they get remote access by default.

I understand why they did it. but if they are making those kind of changes I dont have the energy to track down what other things they "broke" to favor some (what i consider to be) misguided idea of useability over security.

you know, stuff like this

http://askubuntu.com/questions/153933/no-password-prompt-at-...
2 comments
reitanqild 3474 days ago
> even windows ussually has a seperate password to create user accounts

Wrong, I'd say. Only if you or the IT department specifically set it up that way.

Also, again IIRC but I think you have to type password the first time you use sudo un a session on desktop Ubuntu (or after 15 minutes).

link
mSparks 3474 days ago
yet the link i posted is ubuntu users asking how to make it do exactly that, because by default something added no password to their sudo configuration.

which is also my experience.

having plenty of experience getting red hat fedora and centos set up just the way i like, i decided very quickly even getting ubuntu "safe" was more learning curve than reward.

link
mazatta 3474 days ago
No operating system can protect your machine if it is left unlocked - even allowing physical access makes you vulnerable. A worthy concern, but not in itself an "Ubuntu problem".
link
mSparks 3474 days ago
most you can get to on a normal unlocked linux machine in normal use is the see browsing history.

you cant even copy files to a usb stick because mounting it requires a password.

that is very different to making the machine yours via remote access.

and very very different than letting browser plugins create user accounts that can be accessed remotely (that have root access by default). then theres the fact that selinux seems to be a right state on ubuntu

plus what everybody else said. basically put there are several nicer and more secure distributions of linux i would choose before ubuntu.

link