© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
It really surprises me (negatively) that most Ubuntu experts seem to agree on this design decision. Isn't a well accepted fact that security can affect usability?.
Now, about:
> We assume that the people who share the machine are either trusted, or in a position to hack the machine (boot from USB!) trivially.
That assumption is not correct for me, for example, when I lend my computer to someone else, I don't usually trust them completely (so I'm still sitting near enough so they can't boot from an USB without being caught) and I just want to share with them the minimum they need to get their work done and having access to my personal files is not part of what they require.
And about:
> Now, in a more complex environment, like a university machine with many users, people do not have access to the hardware and can't easily root the box, but they also have the sysadmin skills to change the default permission.
I think that it doesn't hold a totally valid point as sysadmins like me tend to think that the default system settings are always secure enough for most regular deployments, so you don't think it is a good idea to change those settings unless you've read a thread like this one... which not everyone is willing to look for and then read.
Finally, it seems to me that this default setting damages Linux reputation (for non-experts) of being a secure OS.