On 1/5/07, Niklas Nisbeth <noisetonepause@xxxxxxxxx> wrote:
>There will never be a method to stop *you* from erasing >*your* home folder. That's not what security is about, >that's what backups are for. I think I disagree. Security should make sure that I don't lose data, full stop.
That's not the definition of security... what you're referring to is a combination of things ranging from security, hardware failure, software failure, and user failure. Security actually plays a very small role in your definition. What if the OS prevented data loss completely - is that all that makes it secure? NO! If someone makes copies of your private data without your knowledge, there is a security problem. If someone uses your computer all day long to send SPAM without your knowledge, then there is a security problem. Data loss is only data loss - whether as a result of an insecure system or not. The OS and applications should not prevent it, but should prevent it without the user's consent. (I think this is what you really meant) Security is the promise that nobody else can access/use/destroy your resources unauthorized. Resources include files and data, access to APIs, use of CPU time, use of the network, etc. As Ryan pointed out, the examples on Maurice's page demonstrate that a user has 'authorized' access to the APIs by choosing to run the software on the machine in the first place. I suspect most people classify security as the ability to come in contact potentially-harmful content/resources, while being assured that their data/resources are shielded from hidden access or destruction that cannot be detected or prevented.