This is much more secure, and you are able to disable it. If you are using systems in public, then there is much more you need to disable such as removable media automounting etc, and would not use default settings anyway.

The current way of throwing blanket root access out for any system change is inherently less secure, their change aims to only allow signed package and that 1 specific action to occur.

Yes you could make a collision, but if you can’t trust your package sources, you can’t trust your system as a whole, so the entire idea is moot.

Related posts:

1. Stimulus package
2. What I am working on
3. Fedora Core 6

All of my systems I work with have atleast 4GB of ram, so my swap usage is usually under 2 megabytes. Why should I worry what’s in my swap partition?

Instead of going into it, just try it yourself. My swap partition is /dev/sda5. Run the command:

$ sudo strings /dev/sda5 | more

What came up was a ton of interesting data, from files I had looked at, print jobs, and bash scripts. So yes, even if you have enough ram, your swap is still very vulnerable to storing a lot of data about you.

Good news is Ubuntu 9.10 / Karmic will have the option to encrypt swap, which is on the wiki.

Related posts:

1. Resizing a EXT2/3 partition
2. Python Commands Module
3. Automatically Backup Blogs / Websites to Amazon S3