On Wed, Apr 4, 2012 at 1:19 AM, Dave Page <dpage@pgadmin.org> wrote:
> then, we're talking about making parts of the filesystem
> world-writeable so it doesn't even matter if the user is running as an
> admin for a trojan or some other nasty to attack the system.
The argument is that a trojan or other nasty doesn't *need* to be
admin to attack the system since it can just attack the user's account
since that's where all the interesting data is anyways.
But again, this is all beside the point. It's a judgement for Apple
and Microsoft and individual administrators to make. We can't really
start reconfiguring people's systems to use a different security model
than they expect just because they've installed a database software --
even if we think our security model makes more sense than the one
their used to.
--
greg