Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 17 Jun 2018, 18:39
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Is Full Install Secure?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 3 [38 Posts]   Goto page: 1, 2, 3 Next
Author Message
sleeper48

Joined: 24 Dec 2017
Posts: 14

PostPosted: Sun 20 May 2018, 15:30    Post subject:  Is Full Install Secure?  

I read this somewhere, just wonder is it true or not?

"Are you quite sure that you should have done a full install? Remember that Puppy runs as root, so it is not secure when run from HD. The frugal install, where the file lives on the HD but is still run from RAM, is recommended for that reason."

If true, any way to make full secure or change it to frugal without starting from scratch?
Back to top
View user's profile Send private message 
bigpup


Joined: 11 Oct 2009
Posts: 10561
Location: Charleston S.C. USA

PostPosted: Mon 21 May 2018, 00:51    Post subject:  

The big difference from a frugal and a full install.

A full install has everything setup as read/write all the time.

A frugal install has all the main Puppy files in a sfs package file.
This file gets read into memory and stays read only.
Nothing can write to it to change it.

All changes are written to a save file/folder.
That save is loaded as read/write.
So, anything could write to it.

If something bad got into the save.
Boot not using the save.
Delete the save and replace it with a good copy of the save, that we know you made just for that purpose.
Back to normal.

Changing to a frugal install from a full install is really going to require a fresh frugal install and install of whatever you want to add to it.

Data files, documents, browser bookmarks, pictures, etc... could be manually transfered from the full install to the frugal.
Actual added programs, you would have to freshly install into the frugal install.

_________________
I have found, in trying to help people, that the things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
Back to top
View user's profile Send private message 
sleeper48

Joined: 24 Dec 2017
Posts: 14

PostPosted: Mon 21 May 2018, 11:38    Post subject:  

So, is a full install a big enough security risk to justify a switch to frugal? I'd rather avoid switching unless it's absolutely necessary.
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 1064

PostPosted: Mon 21 May 2018, 13:29    Post subject:  

sleeper48 wrote:
So, is a full install a big enough security risk to justify a switch to frugal? I'd rather avoid switching unless it's absolutely necessary.


What's your threat model. Are you woried about a windows virus messing with linux or is it more that you want to be able to rollback changes?
Back to top
View user's profile Send private message 
sleeper48

Joined: 24 Dec 2017
Posts: 14

PostPosted: Mon 21 May 2018, 15:05    Post subject:  

s243a wrote:
sleeper48 wrote:
So, is a full install a big enough security risk to justify a switch to frugal? I'd rather avoid switching unless it's absolutely necessary.


What's your threat model. Are you woried about a windows virus messing with linux or is it more that you want to be able to rollback changes?


Not really sure. Exactly what IS the threat from having a full install?
Back to top
View user's profile Send private message 
Galbi


Joined: 21 Sep 2011
Posts: 1024
Location: Bs.As. - Argentina.

PostPosted: Mon 21 May 2018, 15:46    Post subject:  

I can't say if full or frugal, which is more secure, but for the reasons given by Bigpup, is worth doing a frugal install, and of course, making regular backups of the save file.

With frugal installs, you can recover from a damaged sytem in five minutes or you can put your current system in a new machine in ten.

Comming from Windows or from one big distro (Debian, Ubuntu, etc) it's natural to think that full installs are the correct way, but Puppy was designed for frugal installs.

Another advantage, with frugal+backup you can play "learning by breaking"
Smile
Saludos.

_________________
Remember: "pecunia pecuniam parere non potest"
Back to top
View user's profile Send private message 
sleeper48

Joined: 24 Dec 2017
Posts: 14

PostPosted: Mon 21 May 2018, 21:52    Post subject:  

All very interesting. Maybe Puppy should warn at setup that a full install is a security risk. If there had been such a warning, I probably would have chosen frugal. Oh well, live & learn.
Back to top
View user's profile Send private message 
Burn_IT


Joined: 12 Aug 2006
Posts: 3106
Location: Tamworth UK

PostPosted: Tue 22 May 2018, 09:55    Post subject:  

There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.

_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 12312
Location: Gatineau (Qc), Canada

PostPosted: Tue 22 May 2018, 13:47    Post subject:  

sleeper48 wrote:
All very interesting. Maybe Puppy should warn at setup that a full install is a
security risk. If there had been such a warning, I probably would have
chosen frugal. Oh well, live & learn.

Hello sleeper48.

In the same line of thought, the recommendation for "pupsave folder" in
the save panel at install time should be changed back to "pupsave file".

A pupsave folder is "open to the world", like a full install.

Not only is a pupsave file
1) more secure,
it is also
2) much easier
-- 2a) to back-up and
-- 2b) to migrate to another PC if you need to.

BFN.

_________________
musher0
~~~~~~~~~~
"Logical entities must not be multiplied beyond necessity." | |
« Il ne faut pas multiplier les entités logiques sans nécessité. » (Ockham)
Back to top
View user's profile Send private message 
Moat


Joined: 16 Jul 2013
Posts: 842
Location: Mid-mitten, USA

PostPosted: Tue 22 May 2018, 23:06    Post subject:  

Agreed 100% - frugal + saveFILE really should be the recommended (and most supported by devs) default. As well, we need a naming convention change to the words "full" & "frugal" in order to avoid the all-too-common confusion seen repeatedly here among newer users.

Bob
Back to top
View user's profile Send private message 
sleeper48

Joined: 24 Dec 2017
Posts: 14

PostPosted: Wed 23 May 2018, 12:15    Post subject:  

Burn_IT wrote:
There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.


That's the point. How many newbies would know this? I didn't. Puppy should make this all clear at time of install.
Back to top
View user's profile Send private message 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2886
Location: USA

PostPosted: Wed 23 May 2018, 12:59    Post subject:  

musher0 wrote:
sleeper48 wrote:
All very interesting. Maybe Puppy should warn at setup that a full install is a
security risk. If there had been such a warning, I probably would have
chosen frugal. Oh well, live & learn.

Hello sleeper48.

In the same line of thought, the recommendation for "pupsave folder" in
the save panel at install time should be changed back to "pupsave file".

A pupsave folder is "open to the world", like a full install.

Not only is a pupsave file
1) more secure,
it is also
2) much easier
-- 2a) to back-up and
-- 2b) to migrate to another PC if you need to.

BFN.


This is exactly why I haven't moved away from frugal installs. It's also easy to implement multiple "users". Just copy the unmounted volume to another name.

I usually copy backups to a name ending with .2fx instead of the usual .2fs. This hides the volume from Puppy during boot. Rename or copy it back, and you're back in business.

For "security", I have a "main" version of a puppy save file that I normally use, then I have a "secure" version which is ONLY used to access bank accounts and the like. If you were really paranoid, you could make a different save file for each individual financial agency that you deal with. But I figure that the small number of sites I need to visit, the chance of some kind of infection is small (Linux is already a small chance of infection)

_________________
Add swapfile
WellMinded Search
Back to top
View user's profile Send private message 
dancytron

Joined: 18 Jul 2012
Posts: 1059

PostPosted: Wed 23 May 2018, 14:40    Post subject:  

sleeper48 wrote:
Burn_IT wrote:
There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.


That's the point. How many newbies would know this? I didn't. Puppy should make this all clear at time of install.


There has been talk on and off over the years. One suggestion was to change the name of "full install" to "legacy install".
Back to top
View user's profile Send private message 
sleeper48

Joined: 24 Dec 2017
Posts: 14

PostPosted: Wed 23 May 2018, 21:48    Post subject:  

dancytron wrote:
sleeper48 wrote:
Burn_IT wrote:
There are bigger things than security issues.
Most of Puppy was actually DESIGNED to run frugally.
There are a lot of features that either do not run as well or are just not supported when it is fully installed.

Puppy is not like other Linuxes. Don't try to force it to be.


That's the point. How many newbies would know this? I didn't. Puppy should make this all clear at time of install.


There has been talk on and off over the years. One suggestion was to change the name of "full install" to "legacy install".


No matter what they call it, I think it should state Security Risk or something similar.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1569
Location: N.E. USA

PostPosted: Thu 24 May 2018, 01:28    Post subject:  

In regard to naming conventions... I think of full = internal, and frugal = external. I guess a USB HDD = hybrid.

OT:/ These newer stubby USB "sticks" are not too bad for speed considering the handful of $'s they cost (<$10 for 32Gb USB-2)
Even more remarkable is the advances in the Micro SDHC chips. Considering most older machines need an adapter (slows it down a bit) I've found a few 32Gb Class-10 China-brands that run 90% of say a 32Gb SanDisk Cruzer Fit Stubby (18Mb vs. 20Mb) and the cost is US$5 instead of $10+.
PM me for two decent ones at aliexpress. /OT

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 3 [38 Posts]   Goto page: 1, 2, 3 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1776s ][ Queries: 15 (0.0217s) ][ GZIP on ]