Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 22 Nov 2014, 22:42
All times are UTC - 4
 Forum index » Off-Topic Area » Security
What makes Linux safer than Windows?
Post new topic   Reply to topic View previous topic :: View next topic
Page 5 of 7 [99 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7 Next
Author Message
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Fri 26 Mar 2010, 01:03    Post subject:  

Quote:
I'd be delighted if proper multi-user support got put back into Puppy.

I agree, which is why I did it - for 4.2.1 anyway. And I documented the process to the best of my ability so that if/when Puppy decides to adopt it they won't have to figure as much out on their own.
http://www.murga-linux.com/puppy/viewtopic.php?t=47409

The average paranoid user doesn't really need it, but proper multiuser support would allow Puppy to spread into other niches. Even just being used as a family PC. Sure, Puppy can do the multiple save file deal, which is nice, but that doesn't stop Jr. from deleting the savefile itself, or reformatting the harddrive.

Limited accounts would at least make it more difficult. He could still try booting from a live CD, and if you disable that he could try resetting the bios, or just pulling the drive and mounting it from another machine - but he would have to be very intentionally malicious to do those things. If he's just cranky or an idiot, limited permissions will stop him.



I have to admit, I'm pretty used to root. And for good reason, because during the beginning I spent large amounts of my time screwing around with Puppy's boot scripts, installing stuff, deleting things, etc. Running as other than root would have been impractical.

I haven't been doing anywhere near as much of that lately though, other than recently as I have been working on making my own distro. But when not doing that, I've mostly been working on applications and utilities, and less of the core systems type stuff. So now it would be possible for me to be a user on a regular basis.

When I get CheesyRamHog usable enough, I intend to do that. I need to get used to not being root, because one of the career paths I may wind up following is being a sysadmin. Like DMcCunney's friend found out, bad habits can get you into trouble.



Quote:
Puppy at least has a firewall that I can activate in set up while neither Elive nor Antix had such and the one in ubuntu and Mint I totally failed to understand if it was active or not.

Linux basically has one firewall program. IPtables. There are many frontends that you use to configure it, but they all do the same thing.

To see what is currently configured, on any modern Linux, you just run iptables -v -L and it will output the configuration to the terminal. Understanding what it means is another thing, but you can at least see that something is set up. If nothing is configured, it will look about like this:
Code:
# iptables -v -L
Chain INPUT (policy ACCEPT 2 packets, 252 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 2 packets, 252 bytes)
 pkts bytes target     prot opt in     out     source               destination

If you get anything more complex than that, you probably have the firewall enabled.

As long as the particular firewall configuration doesn't rely on some weird module that the average kernel doesn't have enabled, it can be used on nearly any modern distro (has to support iptables at least). You can use iptables-save > firewall_file to save it to "firewall_file", and then drop that into the other distro and run iptables-restore < firewall_file to restore it. Of course, you would probably need to configure the new distro to re-use that same firewall each boot. How you do that is a function of the distro, but the support people for whichever distro would probably be able to help you.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 26 Mar 2010, 04:48    Post subject:  

Pizzasgood , I intended to thank Dennis and tell him to search for the member of this forum that there existed a description of how to implement it even in Puppy.

But I had forgotten that it was you who had a thread about it.

Very good you helped me out by reminding us about it.

Thanks for the description of the iptables. You are right that is how it looks in ubuntu, antiX and Debian Elive by default.

Not activated. Puppy after activation has Drop in the first one but accept in the other two.

That is as good as the default Windows XP and Vista and Win7 also have it.

should not Puppy be better than M$ Smile

I am too much of a computer idiot to be able to set it up though. I tested the GUI of SuperOS (Ubuntu) and Linux Mint and Debian Elive and I did not understand if I was protected or not when I clicked on Deny.

did I deny any entry from outside or did I deny the firewall to be activated? Nothing explained it unless one is clever enough to think like the GUI developers way of thinking.

I am very spoiled by Puppy by being root. when I try out Debian or Ubuntu or some other distro I get stuck instantly by not being able even to mount my HDD to get to the text files I need to remember commands to use. Hahah

I wish Puppy to become the most attractive breed of distros there is. To at least being able to chose is better than to not chose.

At install one could be asked. Do you want to be an ordinary user like most Linux Distros are set up or do you want the freedom of being in complete control over everything but on your own risk? Yes protect me 1. or Yeah I am adventures or trust myself enough to be a 2.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Fri 26 Mar 2010, 09:12    Post subject:  

DMcCunney wrote:

I run Ubuntu as well as Puppy. Ubuntu is like any other mainstream distro. By default, you log on as an ordinary user. If you need to perform administrative tasks, you temporarily acquire administrative powers with su or sudo. I could set that up to always run as root, but don't. (I did create a separate password for root to enable me to run as root in another virtual console, but seldom use it.)


When testing software on such a system, I typically open a console window and do a normal login as root. Then with both the the user (me) and root (also me) logged in, I can test that "user" can see and run the programs installed. If not, root can tinker with things and try again.

But if you are truly the only user, that becomes fairly redundant (and occasionally tedious).

Quote:
Fortunately, he was able to recover because the customer had made a complete backup just before he arrived to do his work.


This is a key point. Having a recent backup. You should do the same with Puppy, particularly before installing new software.

The really nice thing about Puppy, in frugal mode, is that it is incredibly easy to make a backup of the system (just copy the unmounted pupsave file). And it's so small, that it is also trivial.

Note also that making a "multi-user" machine isn't hard, with Puppy (I emphasize machine, as most don't care if it's an multi-user OS). Just copy your boilerplate pupsave over to a new username, and they then have their own system. Yeah, so you'll have to spend a few seconds performing a reboot to change users. Puppy is small enough that there isn't a real reason to leave it running when not in use, so the most likely scenario is that the user comes to the machine in the "off" state, and boots normally. Otherwise the 1st user will have to shut down, and the second reboot. No big deal.
Back to top
View user's profile Send private message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Fri 26 Mar 2010, 12:42    Post subject:  

jamesbond wrote:
Thank you Dennis.

You're quite welcome.

Quote:
Your posts are very clear, helpful, refreshing and educational. You give the context, and also the reasons in which running as root is a bad idea - this is in contrast to others who just say "because it's the best practice".
Hopefully wIth your posts and the Fear Not Root link, people running single-user desktop linux can then see whether or not these reasons apply them, and what additional security gains they get by running as non-root (and thus, whether root-vs-non-root is worthy of a heated debate).

I'm in the "don't run as root unless you must" camp, but I have a different perspective because I where I come from.

I first heard about Unix when the system I dealt with was an IBM mainframe, and Unix was AT&T Version 6, the first to see usage outside of AT&T. Single-user Unix systems effectively didn't exist, and installations were all multi-user.

My first "home computer" was a single-user Unix workstation. In the mid-80's, AT&T was still in the computer business, and issued the UNIX-PC and the 3b1. (I have a 3b1.) Both were attempts to compete with the IBM PC on the corporate desktop. They had a 10mhz 32 bit Motorola 68010 CPU (the first of that line with hardware memory management), a bit mapped GUI console, and would boot and run a port of AT&T System V Release 2 and perform useful work with acceptable performance in one megabyte of RAM. (Yes, you read that right. One megabyte, not one gigabyte.) Give it more RAM and it flew. (A client back then used a 3b1 with 3MB of RAM to support four simultaneous users and a printer, running a custom database application for distribution management. Users connected via dumb terminals using a character mode interface. Worked fine.)

The UNIX-PC had a root ID, but it wasn't what you normally used. You logged in as a normal user, and became root only as required to do system maintenance.

Most of the systems I've dealt with over 20+ years were multi-user, with many users on and working simultaneously.

So "Don't run as root unless you have to" is a conditioned reflex, acquired in the days when casually running as root was a Very Bad Idea indeed.

There are places where it is the norm, but they tend to be specialized. For example, my recently deceased Linksys WRT54G router used a Linux 2.4 kernel and Busybox. You never saw Linux if you used the stock firmware, because you dealt with an HTML based GUI that let you configure the router. But because it was Linux based, it was open source, and various developers grabbed the source and hacked, producing an assortment of replacement firmware. I ran one called Tomato, and I could telnet or ssh to the router and get a command line. (My SO was bemused to see me running vi on the router to edit scripts.) I was logged on as root because multiple users made no sense in that context. It was an embedded application with a specific purpose, and not a general usage device.

As mentioned, Puppy gets away with always running as root because it's explicitly a single user system, and I recall seeing a post stating Barry was originally working to create an embeddable distro, similar to the Linux implementation. It's no worse than MS-DOS or earlier versions of Windows which also assumed the logged on user was he administrator with all powers to change the system.

But systems where you can have other users can be useful.

For instance, back in the MS-DOS days, I ran the MKS Toolkit. The Toolkit was a collection of DOS versions of all of the standard Unix utilities that made sense in a single-user, single-tasking environment, including a very complete implementation of the Korn shell that had everything except asynchronous sub-processes (because DOS was single-tasking, and didn't do sub-processes.)

If you installed in full Unix compatibility mode, the Toolkit replaced COMMAND.COM as the boot shell with INIT.EXE. Boot, and init would run, and print a Login: message on your screen. Enter an ID and optional password, and init called login, which checked the ID you entered against an /etc/passwd file. If it found a match, it changed to whatever directory was specified as that ID's home diorectory, and ran whatever was specified as that ID's shell. Exit the shell you were logged into, and init regained control and put up another Login: message.

I found this incredibly useful. I could change environments without rebooting. Stuff common to all IDs, like mouse, ramdisk, and disk cache drivers got loaded in CONFIG.SYS. Everything else happened at the ID level.

I had IDs to run vanilla COMMAND.COM, the shareware 4DOS command com replacement, the MKS Korn shell for a Unix like environment, and the DesqView mulit-tasking environment. I could switch without rebooting - just log off and log back on with the right ID.

The setup stayed in place when Win 3.1 came around. In Win 3.1, the default "shell" was Program Manager, but an assortment of replacements existed. I used custom IDs handled by init, which modified the Windows SYSTEM.INI file to point to the shell I wanted to use before calling Windows. When Win95 hit the streets, switching was painless for my SO, because I normally used a replacement shell that already had the stuff Win95 brought to the table, like desktop icons.

If I have the option on a *nix system, I often create custom IDs intended for specific purposes, with a login profile and environment designed around that purpose. Switching is a matter of logging off and logging on again with a different ID.

I'd love to do that in Puppy, but can't, because Puppy doesn't support it. Someday...
______
Dennis
Back to top
View user's profile Send private message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Fri 26 Mar 2010, 13:33    Post subject:  

RetroTechGuy wrote:
DMcCunney wrote:
I run Ubuntu as well as Puppy. Ubuntu is like any other mainstream distro. By default, you log on as an ordinary user. If you need to perform administrative tasks, you temporarily acquire administrative powers with su or sudo. I could set that up to always run as root, but don't. (I did create a separate password for root to enable me to run as root in another virtual console, but seldom use it.)
When testing software on such a system, I typically open a console window and do a normal login as root. Then with both the the user (me) and root (also me) logged in, I can test that "user" can see and run the programs installed. If not, root can tinker with things and try again.

But if you are truly the only user, that becomes fairly redundant (and occasionally tedious).

It's not redundant at all if you normally run as a regular user. I usually log on twice in different virtual consoles: once as root, and once as the user, and can hop back and forth with Ctrl-Alt-<number> to switch between them (and if necessary, killed the normal user login from root.)

Tedious? Maybe. But testing is by nature somewhat tedious.

Quote:
Quote:
Fortunately, he was able to recover because the customer had made a complete backup just before he arrived to do his work.
This is a key point. Having a recent backup. You should do the same with Puppy, particularly before installing new software.

The customer was a doctor's office, and the system he wiped contained patient records. The consequences if the customer hadn't had an up-to-the-minute backup don't bear thinking on. I suspect the employer we worked for would have been put out of business by the resulting lawsuit.

Quote:
The really nice thing about Puppy, in frugal mode, is that it is incredibly easy to make a backup of the system (just copy the unmounted pupsave file). And it's so small, that it is also trivial.

Note also that making a "multi-user" machine isn't hard, with Puppy (I emphasize machine, as most don't care if it's an multi-user OS). Just copy your boilerplate pupsave over to a new username, and they then have their own system. Yeah, so you'll have to spend a few seconds performing a reboot to change users. Puppy is small enough that there isn't a real reason to leave it running when not in use, so the most likely scenario is that the user comes to the machine in the "off" state, and boots normally. Otherwise the 1st user will have to shut down, and the second reboot. No big deal.

I don't use frugal installs, so that's not applicable here. With proper multi-user support, using a different ID is a matter of log off, and log back on as the different ID. No reboot is required.
______
Dennis
Back to top
View user's profile Send private message 
FlyingRedGoat

Joined: 24 Mar 2009
Posts: 47

PostPosted: Fri 26 Mar 2010, 13:59    Post subject:  

Sigged

Lobster wrote:
Quote:
Read this: Fear Not Root, and tell us what you think.


I thought reading this was preferable to running around like a headless penguin
exclaiming, 'Beware the root'. Rolling Eyes
Dennis makes many similar points about the difference between Linux on a corporate network and individual Puppy and Linux desktop computers.

A reminder of the simple Puppy Growl security program:
http://murga-linux.com/puppy/viewtopic.php?p=335216#335216
Back to top
View user's profile Send private message 
nubc


Joined: 23 Jan 2007
Posts: 1096
Location: USA

PostPosted: Fri 26 Mar 2010, 15:53    Post subject:  

Hacker exploits IE8 on Windows 7 to win Pwn2Own contest

Question: Is it harder to find exploits for Linux or a non commercial operating system, [which] has no interest for exploit hunters?

Charlie Miller: No, Linux is no harder, in fact probably easier, although some of this is dependent on the particular flavor of Linux you’re talking about. The organizers don’t choose to use Linux because not that many people use it on the desktop. The other thing is, the vulnerabilities are in the browsers, and mostly, the same browsers that run on Linux, run on Windows.

http://www.oneitsecurity.it/01/03/2010/interview-with-charlie-miller-pwn2own/
Back to top
View user's profile Send private message 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Fri 26 Mar 2010, 16:46    Post subject:  

DMcCunney wrote:
RetroTechGuy wrote:
DMcCunney wrote:
I run Ubuntu as well as Puppy. Ubuntu is like any other mainstream distro. By default, you log on as an ordinary user. If you need to perform administrative tasks, you temporarily acquire administrative powers with su or sudo. I could set that up to always run as root, but don't. (I did create a separate password for root to enable me to run as root in another virtual console, but seldom use it.)
When testing software on such a system, I typically open a console window and do a normal login as root. Then with both the the user (me) and root (also me) logged in, I can test that "user" can see and run the programs installed. If not, root can tinker with things and try again.

But if you are truly the only user, that becomes fairly redundant (and occasionally tedious).

It's not redundant at all if you normally run as a regular user.


The problem that usually arises that root has permission to run, or reach directories, that the user doesn't. And if you are the only user...

Quote:
I usually log on twice in different virtual consoles: once as root, and once as the user, and can hop back and forth with Ctrl-Alt-<number> to switch between them (and if necessary, killed the normal user login from root.)


Exactly. Though in my day, Alt-F<1-6> was sufficient Wink

(I often didn't run X at all, spent most of my time on the command-line -- so you only needed the Ctrl key to escape the graphical window).

Quote:
Quote:
Quote:
Fortunately, he was able to recover because the customer had made a complete backup just before he arrived to do his work.
This is a key point. Having a recent backup. You should do the same with Puppy, particularly before installing new software.

The customer was a doctor's office, and the system he wiped contained patient records. The consequences if the customer hadn't had an up-to-the-minute backup don't bear thinking on. I suspect the employer we worked for would have been put out of business by the resulting lawsuit.


That would have been bad. I typically do a full system backup before messing with a system (a disk clone is fairly quick -- in such a case, I would carry a spare drive just for that purpose).

Quote:
Quote:
The really nice thing about Puppy, in frugal mode, is that it is incredibly easy to make a backup of the system (just copy the unmounted pupsave file). And it's so small, that it is also trivial.

Note also that making a "multi-user" machine isn't hard, with Puppy (I emphasize machine, as most don't care if it's an multi-user OS). Just copy your boilerplate pupsave over to a new username, and they then have their own system. Yeah, so you'll have to spend a few seconds performing a reboot to change users. Puppy is small enough that there isn't a real reason to leave it running when not in use, so the most likely scenario is that the user comes to the machine in the "off" state, and boots normally. Otherwise the 1st user will have to shut down, and the second reboot. No big deal.

I don't use frugal installs, so that's not applicable here. With proper multi-user support, using a different ID is a matter of log off, and log back on as the different ID. No reboot is required.
______
Dennis


There are already multi-user systems. I'm rather afraid that if Puppy goes too far that direction, that it will gain "substantial weight" in the process.

And that change should be weighed against the benefit/gain. Given that the pupsave has minimal" heft", the argument against storing duplicate systems is rather moot.

However, in your full install version, that's a different issue -- I don't know how to address that. Maybe the full install process should by default set up a multi-user system.

Do you actually have more than one physical user on your computer system?

I personally think that Puppy is currently kinda at the limit for heft, for the target market. That is, machines that will run Win98 acceptably, seem to struggle slightly under Puppy -- I can fairly comfortably run Win98 on a machine with 128MB, and quite easily with 256MB -- Puppy tends to be sufficiently memory intensive, that I consider 256MB to be marginal (yes, I realize that there are folks here running on less than that).

If you have enormous computer horsepower, and want a multi-user system, I would ask why you're not running one of the big-boy systems (Ubuntu, Debian, Redhat, ...).

Yes, I realize that you are already running Ubuntu... What does Puppy provide, that Ubuntu doesn't? Do you want to replace your Ubuntu with Puppy?
Back to top
View user's profile Send private message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Fri 26 Mar 2010, 18:48    Post subject:  

RetroTechGuy wrote:
DMcCunney wrote:
RetroTechGuy wrote:
When testing software on such a system, I typically open a console window and do a normal login as root. Then with both the the user (me) and root (also me) logged in, I can test that "user" can see and run the programs installed. If not, root can tinker with things and try again.

But if you are truly the only user, that becomes fairly redundant (and occasionally tedious).
It's not redundant at all if you normally run as a regular user.
The problem that usually arises that root has permission to run, or reach directories, that the user doesn't. And if you are the only user...

If I'm trying to make it work for a normal user, I can't blithely assume root powers will be available, and just giving up and running as root is a fail.

Quote:
Quote:
I usually log on twice in different virtual consoles: once as root, and once as the user, and can hop back and forth with Ctrl-Alt-<number> to switch between them (and if necessary, killed the normal user login from root.)
Exactly. Though in my day, Alt-F<1-6> was sufficient Wink

(I often didn't run X at all, spent most of my time on the command-line -- so you only needed the Ctrl key to escape the graphical window).

I often don't run X. And at a former employer, where the systems I administered supported hundreds of users, nobody ran X. Users came in through telnet over WAN links, and worked with character mode applications. I would occasionally use a GUI, but I put TightVNC server on the boxes, and used TightVNC client on my desktop. It worked fine, and saved me needing to install Hummingbird Exceed or the like.

Quote:
Quote:
The customer was a doctor's office, and the system he wiped contained patient records. The consequences if the customer hadn't had an up-to-the-minute backup don't bear thinking on. I suspect the employer we worked for would have been put out of business by the resulting lawsuit.
That would have been bad. I typically do a full system backup before messing with a system (a disk clone is fairly quick -- in such a case, I would carry a spare drive just for that purpose).

I mopped my brow in considerable relief. Though I was grimly amused by his tale of having to reload Unix from the distribution media, restore for the backup, then redo his changes, while trying to keep the customer's bright and inquisitive rep who was staring over his shoulder from realizing what he had done.

When he finished his tale, I just said "Now do you understand why I don't like you running as root all the time? Bet you'll never do that again, right?" Razz

Quote:
The really nice thing about Puppy, in frugal mode, is that it is incredibly easy to make a backup of the system (just copy the unmounted pupsave file). And it's so small, that it is also trivial.

Yes, that is an advantage.

Generally speaking, changes are confined to particular places, so I just make copies of the stuff that will be changed.

Quote:
Quote:
I don't use frugal installs, so that's not applicable here. With proper multi-user support, using a different ID is a matter of log off, and log back on as the different ID. No reboot is required.

There are already multi-user systems. I'm rather afraid that if Puppy goes too far that direction, that it will gain "substantial weight" in the process.

Hmmmm. Where do you think the weight will come from?

I think DSL and TinyCore are both multi-user systems that didn't rip out the infrastructure the way Puppy did, and both are a lot smaller than Puppy in ISO size. They may be smaller in resource requirements as well. (TinyCore claims it will run on an 8MB RAM machine. The lowest end Puppy install I know of is in 16MB RAM, and the user who created it had to actually build the Puppy image he would run on a bigger more powerful machine to be able to create it)

I'm not sure why a multi-user system should be inherently bigger and weightier. The underlying infrastructure that supports having more than one user is of negligible size in the context of the full ISO for the distro. Ripping it out won't save you all that much space.

Quote:
And that change should be weighed against the benefit/gain. Given that the pupsave has minimal" heft", the argument against storing duplicate systems is rather moot.

However, in your full install version, that's a different issue -- I don't know how to address that. Maybe the full install process should by default set up a multi-user system.

If the support is there, it is a multi-user system. The question would be whether the user wanted to routinely run as root, or run as a normal user and use su, sudo, or log in as root on another console if admin powers were required.

Quote:
Do you actually have more than one physical user on your computer system?

Yes, though seldom. My concern is simply that I normally want to run as an ordinary user. I don't always want to be root. Puppy does not (currently) give me that option.

Quote:
I personally think that Puppy is currently kinda at the limit for heft, for the target market. That is, machines that will run Win98 acceptably, seem to struggle slightly under Puppy -- I can fairly comfortably run Win98 on a machine with 128MB, and quite easily with 256MB -- Puppy tends to be sufficiently memory intensive, that I consider 256MB to be marginal (yes, I realize that there are folks here running on less than that).

The question, of course, is "What is Puppy's target market?" I don't think there's really general agreement on that, though I think most Puppians will concur that it's a distro that at least started out targetting older, lower end hardware.

Quote:
If you have enormous computer horsepower, and want a multi-user system, I would ask why you're not running one of the big-boy systems (Ubuntu, Debian, Redhat, ...).

Yes, I realize that you are already running Ubuntu... What does Puppy provide, that Ubuntu doesn't? Do you want to replace your Ubuntu with Puppy?

I have multiple systems. My desktop is a 2ghz Pentium box with 4GB of RAM and six physical hard drives with about 850GB of storage. It triple boots Win2K Pro SP4, Win XP Pro SP3, and Ubuntu 9.10 Gnome. The SO's laptop has a GB of RAM and a 40GB drive, and runs XP SP3. There's an old PPC Mac Pro under the desk which will at some point get Mac OS/X 10.2 or 10.3, and a Sun SunFire X100 currently running Solaris 9 that will at some point get Solaris 10. And there's a 1u Dell server running Windows 2003 server coming to me.

If I have the hardware, one of the "big boys" is what I run, witness Ubuntu on the desktop (which has run Red Hat in the past.)

The box that hosts Puppy is an old (2002) Fujitsu Lifebook, which has a Transmeta Crusoe 867mhz CPU, a 40GB UDMA 4 HD, and 256MB of RAM. I got Puppy as a result of looking for a distro that would run acceptably on it. The box was a gift from a friend who had upgraded, and came with Windows XP SP2... Razz

It triple-boots Win2K Pro, Ubuntu 9.10, and Puppy 4.31, though there's a 2GB FAT partition that may get something like FreeDOS with Win98SE on top of it.

I originally installed Xubuntu alongside of Puppy and 2K. It installed without a hitch, and technically "ran", but was snail slow. Queries on the Ubuntu forums about tuning Ubuntu for lower end gear returned suggestions that too much Gnome had crept in, Xubuntu was no longer a truly lightweight distro, and I'd do better to install from the MinimalCD to get a bare bones CLI installation, then use apt-get to install just the parts I wanted. That worked, and I have a version of Ubuntu with the Xfce4 desktop (that I also use in Puppy) which performs acceptably. It's not as sprightly as Puppy, but it's usable.

The big limitation on the Puppy box is the UDMA 4 HD with 18MB/sec transfer rate. Large apps, like Firefox 3.6 or Open Office 3.2 may take 30 - 45 seconds to simply load. when I went to Puppy 4.31, I wiped and reformatted as ext4, which helped - I saw a 25% -30% improvement in I/O, though it's still not anything I'd call "fast".

But the Puppy box is in large part an experiment to see what performance I can wring out of limited hardware without spending money on it.

Personally, I see Puppy as a light-weight distro for lower end hardware. Some of the questions I see on the forums have me shaking my head in wonder. "If you have that kind of hardware, why do you want to run Puppy? Install a distro intended for Big Mutha systems. You'll be much happier..."
______
Dennis
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 27 Mar 2010, 04:41    Post subject:  

Suppose me now have tested some 20 to 25 different puppies in frugal install and I have activated the firewall on all of them.

But they behave a bit different in that automatic install.

All of them except one have "drop" in the first of three conditions. the exception has accept in all three.

I thought the drop was the way one got protected.

As a newbie one have no idea what these words means.

why is it not drop on all three if drop is the way to protect.
If it is accept in all three how can one say one are protected then?

To my naive newbie mind the word accept means

accept that they break in as if an open door?

What else can it mean? I write iptables -L and it writes a lot of text me don't understand.

Okay one should read up on it. Read the f****ng Manual,

But if the manual is/are written with a language that is too technical to be grasped? No use reading things one fail to grasp.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 27 Mar 2010, 04:52    Post subject:  

Dennis I agree with your "take" on it but I don't agree on what is light and good to use.

Quote:
Personally, I see Puppy as a light-weight distro for lower end hardware. Some of the questions I see on the forums have me shaking my head in wonder. "If you have that kind of hardware, why do you want to run Puppy? Install a distro intended for Big Mutha systems. You'll be much happier..."


I have tested the more bloated linuxes. Ubuntu, SuperOS (ubuntu), Linux Mint KDE CE, Debian Elive, AntiX/Mepis, Mandriva, and I have 3GB of memory and a one year desktop to use it on.

These programs are for linux experts. That have a good memory for how things are structured in linux with different permissions for everything.

I installed three linux distros on an older computers with only 500mb RAM memory and only puppy allowed me to move a bookmark.html file from an usb to the root of the hdd.

Yes if one are well structured and have a good memory then one remember how to do it on the bloated linuxes too. But if one are fuzzy and ADHD in head like me then it takes months to find that info on the net and most of the time one get mocked for asking how to do it.

How I did it? I used puppy or I uploaded the html to gmail and used it from there and saved it in usr/home instead
Which forced me to have two such files. One for puppy and another for Debian. Yes I love to be protected too. Smile

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
DMcCunney

Joined: 02 Feb 2009
Posts: 897

PostPosted: Sat 27 Mar 2010, 11:31    Post subject:  

nooby wrote:
Dennis I agree with your "take" on it but I don't agree on what is light and good to use.

Quote:
Personally, I see Puppy as a light-weight distro for lower end hardware. Some of the questions I see on the forums have me shaking my head in wonder. "If you have that kind of hardware, why do you want to run Puppy? Install a distro intended for Big Mutha systems. You'll be much happier..."


I have tested the more bloated linuxes. Ubuntu, SuperOS (ubuntu), Linux Mint KDE CE, Debian Elive, AntiX/Mepis, Mandriva, and I have 3GB of memory and a one year desktop to use it on.

These programs are for linux experts. That have a good memory for how things are structured in linux with different permissions for everything.

You get to be a Linux expert with experience. If you decide (as you seem to have done) that "Oh, that's too hard. I can't deal with that. I'll use Puppy because it's simpler.", you'll never gain the knowledge you want.

And Ubuntu and derivatives try to reduce the amount you need to know to use them.

Quote:
I installed three linux distros on an older computers with only 500mb RAM memory and only puppy allowed me to move a bookmark.html file from an usb to the root of the hdd.

You shouldn't put files in the root directory. It should be clean and uncluttered. The only things that should be there are things the distro puts there.

Puppy let you do it because you always run as root, and root can do pretty much anything, including dropping files where they have no business being.

I'd call your experience an example of why always running as root is a Bad Idea.

Quote:
How I did it? I used puppy or I uploaded the html to gmail and used it from there and saved it in usr/home instead
Which forced me to have two such files. One for puppy and another for Debian. Yes I love to be protected too. Smile

Something like /usr/home is where files like that should be stored. I don't understand why you thought you needed to keep it in root. The browser that will display it doesn't care where it lives, as long as the ID you are logged in as has permission to view files in that directory. All you have to know is where to find it, and once found, you can bookmark it.

I also don't understand why you think you are forced to have two files. I have Puppy and Ubuntu installed on separate partitions on the box Puppy runs on, and can boot into either. Each can see the other's partition, and Puppy mounts the Ubuntu partition automatically when it boots, so it appears as /media/ubuntu in the file system, and I can look at stuff on the Ubuntu side. I haven't needed to have the same HTML file visible from both distros, but it would be no problem to do it.
______
Dennis
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4328
Location: Gatineau (Qc), Canada

PostPosted: Sat 27 Mar 2010, 12:09    Post subject:  

Flash wrote:
I have no idea how many other people use multisession. I can't believe I'm the only one.


Hi, Flash!

There's at least two users! I use it!
And multisession is certainly:
1) the most secure way to use Puppy, for the reasons you mentioned
2) the most portable way, too, especially if you use a 1.5Go DVD that fits in your shirt pocket.

BFN.

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 4328
Location: Gatineau (Qc), Canada

PostPosted: Sat 27 Mar 2010, 12:40    Post subject:  

RetroTechGuy said:
> [...] What does Puppy provide, that Ubuntu doesn't? [...]

I'll answer a bit out of context.

To my knowledge, Puppy is the only distro that respects my ownership of my machine. I spent some good money to buy this computer, and lots and lots of time configuring it, and my Puppy.

That would have been impossible to such an extent on other distros, since they keep asking for permission ("sudo" or whatever).

Ubuntu makes modifications a bit easier, but still. What right do the initial programmers of any distro have to tell me what I can do and cannot do with my machine? NONE.

Especially pretending to protect me from myself and some potential errors? Come on... Instead, please provide some good and easy ways to back-up your system or any part of it.

I think it's an author's power trip: like a painter or a novelist can be protective of his/her work, they just want to prevent users from changing too much their own concept of what Linux should be -- or at least make it (very) difficult to change.

Or could it be that these programmers are insecure about their own skills? If anybody else changes anything, do they fear that their Linux system will go "bonk"?

Both reactions above are a psychological, human reflex, but it's no good for larger distribution of Linux: those protective attitudes actually prevent wide adoption of Linux among the general public.

Again, in this respect and many others, Puppy is way ahead. It respects me, and is still very safe to use.

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 27 Mar 2010, 13:12    Post subject:  

Christian L. (aka / alias musher0) has the right attitude in my opinion.

If the developers or "authors" of software wants to protect me then the best way to do that is to make the program 100% under my command and with tools and built in knowledge that let me know what it does so I can tell it what to allow and not allow.

It is good that they want to protect me but they do it in a way that let them keep the control and me give up on trying to get what the Operating System really do behind the scenes because they use such technical language to describe it.

Dennis, I think you are wrong on this part:

Quote:
If you decide (as you seem to have done) that "Oh, that's too hard. I can't deal with that. I'll use Puppy because it's simpler.", you'll never gain the knowledge you want.


I decided when I first heard of computers to be affordable to ordinary people. Wow that will become my main interest apart from music.

I bought almost every new computer that came out within my financial status. Sinclairs Z80 and Acorn and Commondore and IBM 86 when they had gone down in price on the second hand market around 1983 or so.

I have owned or read from library numerous books on Assembler programming of Z90 and 6505? dfail to remember. Acorn had it or what name they had. I bought books on C and C++ and Pascal and Oberon and Structured Assembler and I had compilers and used them in MsDOS and so on.

I had the opposite attitude that you guess. Nothing was impossible to learn I thought about me. I trusted the propaganda that anybody can learn anything if they really try and practice and are at it.


Not so. To be good at programming and structured thinking you have to have a brain that have that capacity.

Maybe 99% of all people does have that capacity and me trusted me to have it and I behaved as if I had and started early in the morning and gave up for that day at midnight and started again next day and trusted that if one really wanted to learn then it would take sooner or later.

Reality is not that way. some of us fail to live up to the myth that everybody can learn anything on that level.

We are not alike in our heads, some are more clever than others. I unfortunately belong to the low achieving when it comes to being structured in thinking. I am all over the place but none will get accomplished ever.

It was not my thing.Yes but nothing is my thing. I am low achieving in everything I have tried out. Sport, music, making love, dancing, telling stories, reading, talking, walking, running, singing,

They get it wrong when they say that everybody is good at something. That is not true at all. some of us are not good on anything. We are the failed versions of the human species. Despite us trying as hard as we can. we don't have it in us. Lacking the resources we do. I thought for some 40 years that I was as good as anybody. I am not. That was a myth they teach us out of ideology blindness.

But then you should not do computers, let those that can do such then.

Nope, we have the right to do computers too.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 5 of 7 [99 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.2197s ][ Queries: 12 (0.0047s) ][ GZIP on ]